last dumb question

Discuss the many weaknesses of browser security and ways to mitigate the threat

last dumb question

Post by fatso6996 on Mon Dec 06, 2010 2:01 pm
([msg=50151]see last dumb question[/msg])

how can i find a log in place on a commercial web site. they have to be somewhere otherwise no one can edit it.

(all things i learn here will not be used for black hat things, just for knowledge)
fatso6996
New User
New User
 
Posts: 24
Joined: Sat Dec 04, 2010 12:55 am
Blog: View Blog (0)


Re: last dumb question

Post by Assassian360 on Mon Dec 06, 2010 5:12 pm
([msg=50156]see Re: last dumb question[/msg])

Almost every site is different. Sometimes client side code will show where any sort of database files are. However typically that is terrible security practice and any reference to what the files may be or if they are even stored on that particular website are hidden on the server side. Essentially this means a lot of the time it can be hard to locate something like that. Even if you do work out where they are storing their data it doesn't always mean you can get it. Normally files like that if they exist will have some kind of permissions only allowing editing and viewing by the server.

You're unlikely to get anything more helpful than this. There is not really a hard fast rule, and a lot of the time information will be stored in SQL databases etc.
Assassian360
Poster
Poster
 
Posts: 135
Joined: Sat Jun 26, 2010 1:37 am
Blog: View Blog (0)


Re: last dumb question

Post by insomaniacal on Mon Dec 06, 2010 5:14 pm
([msg=50159]see Re: last dumb question[/msg])

Log in places?

Not sure what you mean, but most sites will let you log into an account you legitimately own without a problem. :)
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)


Re: last dumb question

Post by Assassian360 on Mon Dec 06, 2010 5:21 pm
([msg=50160]see Re: last dumb question[/msg])

I think what he is meaning is "where do sites store their data from users?".

Edit:
But if Insomanical is right in his interpretation of your question. Then his answer is also right.
Assassian360
Poster
Poster
 
Posts: 135
Joined: Sat Jun 26, 2010 1:37 am
Blog: View Blog (0)


Re: last dumb question

Post by insomaniacal on Mon Dec 06, 2010 5:40 pm
([msg=50161]see Re: last dumb question[/msg])

Assassian360 wrote:I think what he is meaning is "where do sites store their data from users?".


I was being sarcastic.

Anyway, downloading the SQL database most likely by means of SQL injection and then trying to crack the password hashes the de-facto answer here. The difficulty in which to do this varies by configuration, but unless someone is running an old phpbb forum(for example) that has tons of exploits, it'll probably be pretty hard/impossible to get a dump of the database.
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)


Re: last dumb question

Post by fatso6996 on Mon Dec 06, 2010 6:53 pm
([msg=50168]see Re: last dumb question[/msg])

no i mean where can i log into a site that normally isn't able to be logged into. i mean the admin has to identify them self somehow.. should i use a shell?

a random example would be http://www.huntingcamera.org/
fatso6996
New User
New User
 
Posts: 24
Joined: Sat Dec 04, 2010 12:55 am
Blog: View Blog (0)


Re: last dumb question

Post by Monica on Mon Dec 06, 2010 7:25 pm
([msg=50169]see Re: last dumb question[/msg])

fatso6996 wrote:no i mean where can i log into a site that normally isn't able to be logged into. i mean the admin has to identify them self somehow.. should i use a shell?

a random example would be http://www.huntingcamera.org/


You are a confused individual, and knowing this makes you upset. You can definitely use a shell. In fact, you can use FTP, too. You can also use Wikipedia, which offers valuable, 100% accurate information; using this will not make you upset. Then you can download special hacking tools at: http://www.elite-hackers.com. With these great tools and resources, you no longer will be upset.
hi am new so plz dont troll me or i report 2 the HTS mods ty
User avatar
Monica
Contributor
Contributor
 
Posts: 900
Joined: Thu Oct 02, 2008 12:29 am
Location: In The Shadows
Blog: View Blog (0)


Re: last dumb question

Post by Goatboy on Mon Dec 06, 2010 7:27 pm
([msg=50170]see Re: last dumb question[/msg])

It sounds like a round of tech word bingo when you talk.

There is no set place where all websites have you log in. Not all websites have a login page. Many are managed right from the server. I don't see how a shell would come into play here.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2825
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: last dumb question

Post by fatso6996 on Mon Dec 06, 2010 7:38 pm
([msg=50174]see Re: last dumb question[/msg])

lol sorry i don't know anything about this kinda stuff. i've been reading about everything i can think of regarding hacking and coding but i sometimes need to ask a real person a few questions
fatso6996
New User
New User
 
Posts: 24
Joined: Sat Dec 04, 2010 12:55 am
Blog: View Blog (0)


Re: last dumb question

Post by Monica on Mon Dec 06, 2010 7:42 pm
([msg=50175]see Re: last dumb question[/msg])

fatso, I understand you may be upset because you're not getting the replies you want. It's OK to ask questions, but make sure to do some research on your own. Otherwise, if you continue to ask questions, it will make many people on the interwebs very upset. When you do research of your own, you will not only learn, but you will also gain confidence. You no longer will be upset.
hi am new so plz dont troll me or i report 2 the HTS mods ty
User avatar
Monica
Contributor
Contributor
 
Posts: 900
Joined: Thu Oct 02, 2008 12:29 am
Location: In The Shadows
Blog: View Blog (0)


Next

Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests