What is Website Defacement?
A website defacement is an attack on a website that changes the visual
appearance of the site. These are typically the work of system crackers, who break
into a web server and replace the hosted website with one of their own.
• A high-profile website defacement was carried out on the website of the company
SCO Group following its assertion that Linux contained stolen code. The title of
the page was changed from "Red Hat vs SCO" to "SCO vs World," with various
satirical content following
[SQL] - Structured Query Language
[LFI] - Local File Include
[RFI] - Remote File Include
[XSS] - Cross Site Scripting
[RCE] - Remote Code Execution
[AFD] - Arbitrary File Download
[SCD] - Source Code Disclosure
[PCI] - PHP Code Injection
Script, Cookie, XSS
Hosting Control Panel
Trojan, Spy vs
Tools for Web defacement:
• C99 Shell
Website defacement archive sites
Website Defacement case study?
To Use Brutus, c99.php shell we have to go through the following steps:
1. Firstly we need to Upload the c99.php shell file and Brutus
application on the particular system(server system) and then target the
web application let say www.babaharinath.com and use password
from commercial world list(a combination of passwords) and set type
=FTP and choose keep connected with web for unlimited attempts.
After this start Brut force attack.
2. After getting ID and Password open the Victim site in IE by typing
ftp.babaharinath.com and then click on file and Login as above ID
3. Now upload c99.php file in image or cgi-bin folder. After this again
open IE and access http://www.babaharinath.com/image/c99.php
4. After this chose index.html file and click on edit option and then
change the content as per your wish.
5. Now with the help of c99.php shell file we can upload new content
html, delete whatever we want and even do anything in future without