Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Apps :: ls_exp~1.txt

Exploiting Net Administration CGIs like nethosting.com, by Lord Somer




                   #######################################
                   # Exploiting Net Administration Cgi's #
                   # like nethosting.com                 #
                   # Written by:Lord Somer               #
                   # Date:9/2/97                         #
                   #######################################

  Well since nethosting.com either shutdown or whatever I figured what the hell before I forget
how I did the more recent hacks etc... I'd tell you how so maybe you'll find the same sys 
elsewhere or be able to use it for ideas.

  Basically Nethosting.com did all it's administration via cgi's at net-admin.nethosting.com,
well you need an account, card it if necessary, log in to net-administration, you'll see crap
like ftp administration, email, etc... who really cares about e-mail so we'll go to ftp.
Click on ftp administration.  Lets say you were logged in as 7thsphere.com your url would be 
something like:
  http://net-admin.nethosting.com/cgi-bin/add_ftp.cgi?7thsphere.com+ljad32432jl

Just change the 7thsphere.com to any domain on the sys or if in the chmod cgi just del that part
but keep the + sign and you edit the /usr/home dir.  In the ftp administration make a backdoor
account to that domain by creating an ftp who's dir is / since multiple /// still means /.

Once you have your backdoor have fun.  Oh yeah and in the email you can add aliases like I did
to rhad's e-mail account at 7thsphere, why the hell is he on that winsock2.2 mailing list?

Well the basic theory of this type of exploitation is that:
- the cgi is passed a paramater which we change to something else to edit it's info
- since it uses the stuff after the + to check that it's a valid logged
  in account(like hotmail does), it dosen't check the password again.
- multiple ///'s in unix just mean a /, thus we can get access to people's dir or the entire
   /usr/home dir


I used this method for hacking a few well known places:
7thsphere.com
sinnerz.com
hawkee.com
warez950.org
lgn.com
and several other unknown sites.

Please remember if you ever use a method of mine please credit me and link to my site thanks.

########################################
# Contact Info:                        #
#  E-mail: webmaster@lordsomer.com     #
#  ICQ:    1182699                     #
#  Site: The Hackers Layer             #
#        http://www.lordsomer.com      #
#  Other Sites:                        #
#        Hackers Club                  #
#        http://www.hackersclub.com/km #
########################################


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH