Powered By

Free XML Skins for Blogger

Powered by Blogger

Monday, March 24, 2008

Take over the website using C99.php shell

You can hack a certain site using C99.php shell by uploading it to web server. Unfortunately I cannot post the source code of c99 shell here but I will provide tips on how to find c99 shell script. The c99.php is detected as harmful to your pc scanned by various anti-virus but basically it doesn't harm your pc anyway, it's just a hack script which is applicable only to webserver running Php under Linux platform or maybe on Windows server (haven't tried yet) but 99% works on Linux servers.

You can find c99 shell using Google by using a 'Google Dork', just type [allinurl: c99.php"] without the brackets google will provide your results which links to c99.php shell. I advise that you copy the c99.php code and save it as "c99.php" and upload it to web host. To be able to use the c99 shell script just access it via URL (i.e. www.somesite.com/c99.php) or similar to this and voila! You can retrieve/modify password, upload file, modify, etc..

But before you access the file make sure you have your proxy setup to avoid getting caught. It is unwise to access directly the exploit without protecting yourself first!

No comments: