What do you mean by Symbolic links?
In computing, a symbolic link (also symlink or soft link) is a special type of file that contains a reference to another file or directory in the form of an absolute or relative path and that affects pathname resolution.
How to Do Symlink on Web-server ?
In Symlink you need to shell access like GNY,C99,r57 etc.. on website.. It's look like this
Now You need To create 1 directory with any Name like sym,test etc....
Now after Creating Directory You need 2 file
1. Blank .txt file in zip format.
2. .htaccess
The txt file include this "/" and save it..
and .htaccess file include this below code:
Options Indexes FollowSymLinks
DirectoryIndex test.htm
AddType txt .phpAddHandler txt .php
and save it like ".htaccess"
now you need to upload both file zip and .htaccess. After Uploading both file We need to "unzip"
file using this command:
"unzip "file name""
after unzip u show a txt file there. Now you need to open appropriate path in Web browser.
It's look like this.
Now Just Click on 1.txt file that you unzip a zip file. After Click on 1.txt file It include all Directory's of the Web-server check out below Image:
Ok done Now in Symlink we will check the Directory path like
1. /home/"Website Username"/Public_html/
2. /hsphere/local/home/c283273/
There are Different Path Just you need to check out it.
If you Click On "Home" You will get 403 Error Means Forbidden Error but never mid after you get this Error you need to add "Website Username"
To find WebUsers You need to execute This command
cat /etc/passwd
the path is "/Home/"website username"/public_html/ "
After execute cat command it's look like above image.
Now Just find specific Target that have ADMIN LOGIN PAGE and CONFIG FILE
How did you find this specific Target site?
you need Server Ip and www.bing.com
To find Joomla,Wordpress and php site we can use this dork for it.
1. ip: 123.x.x.x index.php?option=2. ip: 123.x.x.x "Powered By WordPress"
3. ip: 123.x.x.x .php?id=
and more......
Finding Target site now you need to find config file. in joomla the config file name is "configuration.php" in wordpress "wp-config.php" etc.
You cannot directly see the file using like this
www.Target.com/wp-config.php
www.Target.com/configuration.php
But when we do symlink on specific Target we can show config file using Right click and view source..
It's look like above Image
This config file include site Database information like Database Name, Username, Password etc..
after getting this You can login into site data base and you can edit,delete of specific columns, fields etc..
But we need to change admin password. In many case The password is in MD5, base64 etc.. encrypted form. You need to Decrypt it... that's it.
after changing the password You know what to do...!!!
In computing, a symbolic link (also symlink or soft link) is a special type of file that contains a reference to another file or directory in the form of an absolute or relative path and that affects pathname resolution.
How to Do Symlink on Web-server ?
In Symlink you need to shell access like GNY,C99,r57 etc.. on website.. It's look like this
Now You need To create 1 directory with any Name like sym,test etc....
Now after Creating Directory You need 2 file
1. Blank .txt file in zip format.
2. .htaccess
The txt file include this "/" and save it..
and .htaccess file include this below code:
Options Indexes FollowSymLinks
DirectoryIndex test.htm
AddType txt .phpAddHandler txt .php
and save it like ".htaccess"
now you need to upload both file zip and .htaccess. After Uploading both file We need to "unzip"
file using this command:
"unzip "file name"
after unzip u show a txt file there. Now you need to open appropriate path in Web browser.
It's look like this.
Now Just Click on 1.txt file that you unzip a zip file. After Click on 1.txt file It include all Directory's of the Web-server check out below Image:
Ok done Now in Symlink we will check the Directory path like
1. /home/
2. /hsphere/local/home/c283273/
There are Different Path Just you need to check out it.
If you Click On "Home" You will get 403 Error Means Forbidden Error but never mid after you get this Error you need to add "Website Username"
To find WebUsers You need to execute This command
cat /etc/passwd
the path is "/Home/
After execute cat command it's look like above image.
Now Just find specific Target that have ADMIN LOGIN PAGE and CONFIG FILE
How did you find this specific Target site?
you need Server Ip and www.bing.com
To find Joomla,Wordpress and php site we can use this dork for it.
1. ip: 123.x.x.x index.php?option=2. ip: 123.x.x.x "Powered By WordPress"
3. ip: 123.x.x.x .php?id=
and more......
Finding Target site now you need to find config file. in joomla the config file name is "configuration.php" in wordpress "wp-config.php" etc.
You cannot directly see the file using like this
www.Target.com/wp-config.php
www.Target.com/configuration.php
But when we do symlink on specific Target we can show config file using Right click and view source..
It's look like above Image
This config file include site Database information like Database Name, Username, Password etc..
after getting this You can login into site data base and you can edit,delete of specific columns, fields etc..
But we need to change admin password. In many case The password is in MD5, base64 etc.. encrypted form. You need to Decrypt it... that's it.
after changing the password You know what to do...!!!
No comments:
Post a Comment