Basic question on hacking servers (clarication)
Results 1 to 5 of 5

Thread: Basic question on hacking servers (clarication)

  1. #1

    Basic question on hacking servers (clarication)

    For a little while now ive been wondering how big name server hacks go down, such as fbi, nasa stuff, even just corporate sites and stuff. How do they actually break in? I hear "Exploit" everywhere, but what do these exploits actually exploit, i mean, i know they exploit bugs, but what kind of bugs?

    I just don't see how they're hacked other than getting bad/easy user+pass combos (admin:admin, guest:guest etc), but what else? I think you'll get my drift now.

    I don't want to know this to do it myself, i just want some clarification..... thanks in advance.

    (PS im not a total newbie just to this kind of hacking)
    YOU\'RE JUST JEALOUS CUZ THE VOICES ARE TALKING TO ME!
    Share on Google+

  2. #2
    AO Antique pwaring's Avatar
    Join Date
    Aug 2001
    Posts
    1,409
    Bugs in scripts (particulary CGI) can allow crackers to execute commands on the server through their web browser, including copying the password file to their computer. A particualy infamous example of this is the PHF script - however now almost every web server is protected from this exploit (damn!)
    Paul Waring - Web site design and development.
    Share on Google+

  3. #3
    oh ok, thanks for that. Just needed clarification on the subject
    YOU\'RE JUST JEALOUS CUZ THE VOICES ARE TALKING TO ME!
    Share on Google+

  4. #4
    Senior Member
    Join Date
    Oct 2001
    Posts
    118

    Re: Basic question on hacking servers (clarication)

    Originally posted by Inferno_x_2001
    but what else?
    Well...as pwaring said there are bugs in scripts and in programs, there are also systems that "trust" you, when they shouldn't and allow you to do things that you shouldn't, this could be a bad setup or ip spoofing where you pretend to be another user. there are also buffer-overruns, which exploit problems in code, not necessarily bugs, that let you run code that you shouldn't. hope this helps.
    There\'s no sense in being Pessimistic...it would never work anyway.
    Share on Google+

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    Lets not leave out the ubiquitous email trojan, thats how m$ became a playground for a couple of weeks.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides