before hacking any website, a
hacker needs to hack the IP address
of the site. An IP address can be
found by running a simple command
on your system.
Go to ‘run command’ or press
(windows + r), then type cmd and
press enter.
Use the following command with
the URL of the website for
retrieving its IP address.
nslookup URL address (i.e.
nslookup w ww.example.com)
Once you have got the IP, you can
scan it to see what hacking
protections the site is using and
what type of loop holes it has.
Once you have successfully found
out these, some common hacking
methods that can be applied to hack
the website.
Cross site scripting method
This is a type of computer security
vulnerability which is found in web
applications. Basically the application
contains hidden client-side scripts in
it. Attackers inject it into web pages
when affected users visit a website.
This method is used to gain or
bypass access controls.
Brutal force attack
In simple words, this method uses all
possible key matches to decrypt a
message or password. It is very
simple and effective but extremely
slow. Therefore, this method can
only be used if other methods don’t
work for the site.
Ddos attack
If any hacker intends to make a
website down rather than gaining
access to it, then this method is
perfect. Using Ddos, you can
overload the resources and render
the system unusable or extremely
slow so that no one can access the
site.
SQL injection
Basically it’s a code injection
technique which works when the user
input has an incorrect filter system
for string literal escape characters,
which are embedded in statements
using SQL. SQL injection also
exploits security vulnerability when
it occurs in the database layer of
some applications when user input is
weak enough to crack. Attackers can
influence the queries that stream to
the back-end database when they
use SQL injection.
Parameter tampering
Clients and server regularly
exchange parameters to modify
application data like user credentials
and permissions, price and quantity
updates of products and many more.
These parameters can be tampered
by Web Parameter Tampering
attack as they are important for
increasing the functionalities of the
applications and controls.
Attacking default credentials
When a hardware or network
application is developed, a set of
default credentials like a default
username and password is set for
gaining administrative access to the
system. Some webmasters or users
do not bother changing the defaults.
These defaults can be easily
attacked and cracked to gain
unauthorized access to the system.
Taking proper precautions for
unethical hacking can protect your
site and databases from hackers. If
you really care about your site and
personal information, then it will be a
priceless investment if you spend
some time to know the most popular
and possible ways a website of
hacking a website. Once you are
aware of them, you can easily find
any loophole or weak point and take
actions if necessary or you can
simply inform your webmaster about
your observation so that he/she can
take preventive measures.
No comments:
Post a Comment