What is Website Defacement?

04/06/2011 14:56

A website defacement is an attack on a website that changes the visual
appearance of the site. These are typically the work of system crackers, who break
into a web server and replace the hosted website with one of their own.
• A high-profile website defacement was carried out on the website of the company
SCO Group following its assertion that Linux contained stolen code. The title of
the page was changed from "Red Hat vs SCO" to "SCO vs World," with various
satirical content following
Terms:
[SQL] - Structured Query Language
[LFI] - Local File Include
[RFI] - Remote File Include
[XSS] - Cross Site Scripting
[RCE] - Remote Code Execution
[AFD] - Arbitrary File Download
[SCD] - Source Code Disclosure
[PCI] - PHP Code Injection
Defacement Techniques:
Domain Hack
FTP Protokol
IIS Vulnerable
Apache Vulnerable
Permission
Exploits
Script, Cookie, XSS
OS Vulnerable
Social Engineer
Hosting Control Panel
Forgotten Password
Trojan, Spy vs
SQL Injection
RFI

Tools for Web defacement:
  Hydra
• C99 Shell
• phpbb_defacer
• XSSShell039
• Etc

Website defacement archive sites
• www.zone-h.org/
• http://turk-h.org
Website Defacement case study?
Target: www.babaharinath.com
To Use Brutus, c99.php shell we have to go through the following steps:
1. Firstly we need to Upload the c99.php shell file and Brutus
application on the particular system(server system) and then target the
web application let say www.babaharinath.com and use password
from commercial world list(a combination of passwords) and set type
=FTP and choose keep connected with web for unlimited attempts.
After this start Brut force attack.
2. After getting ID and Password open the Victim site in IE by typing
ftp.babaharinath.com and then click on file and Login as above ID
and Password.
3. Now upload c99.php file in image or cgi-bin folder. After this again
open IE and access http://www.babaharinath.com/image/c99.php
4. After this chose index.html file and click on edit option and then
change the content as per your wish.
5. Now with the help of c99.php shell file we can upload new content
html, delete whatever we want and even do anything in future without
any password.