[Help] Http details - Web Host backdoor.

[naddo1]

Well, this is probably the worst idea, but I have found the following;



Ports 22, 25, 80, 110 show open

I have tried ftp anon login through port 80 and ssl anon login through port 22, however I'm no network guru.

I know these are file servers for the webhost but from this i have found;

The IP address of credit.91.com is 208.96.12.132
The IP address of co.91.com is 208.113.97.208
The IP address of vips.91.com is 208.96.12.132




This last one will have all of the account logins.

The registered name for the servers is ;

the best i can get from a cgi test is;

#!/bin/sh

# disable filename globbing
set -f

echo "Content-type: text/plain; charset=iso-8859-1"
echo

echo CGI/1.0 test script report:
echo

echo argc is $#. argv is "$*".
echo

echo SERVER_SOFTWARE = $SERVER_SOFTWARE
echo SERVER_NAME = $SERVER_NAME
echo GATEWAY_INTERFACE = $GATEWAY_INTERFACE
echo SERVER_PROTOCOL = $SERVER_PROTOCOL
echo SERVER_PORT = $SERVER_PORT
echo REQUEST_METHOD = $REQUEST_METHOD
echo HTTP_ACCEPT = "$HTTP_ACCEPT"
echo PATH_INFO = "$PATH_INFO"
echo PATH_TRANSLATED = "$PATH_TRANSLATED"
echo SCRIPT_NAME = "$SCRIPT_NAME"
echo QUERY_STRING = "$QUERY_STRING"
echo REMOTE_HOST = $REMOTE_HOST
echo REMOTE_ADDR = $REMOTE_ADDR
echo REMOTE_USER = $REMOTE_USER
echo AUTH_TYPE = $AUTH_TYPE
echo CONTENT_TYPE = $CONTENT_TYPE
echo CONTENT_LENGTH = $CONTENT_LENGTH


If any one knows some exploit to hacking web servers please pm me as I would like to move this forward.

Edit* Tried to brute force ftp and http socks for username and password using hydra, but nothing came back.

Naddo1

__________________________________________________ _____________________

HIT THE THANKS BUTTON ----------------------------------|

[IAmHawtness]

If the police knocks on your door, you better be good at hiding .

[naddo1]

Quote:

Originally Posted by IAmHawtness

If the police knocks on your door, you better be good at hiding .

I did say at the top of the thread;

"this is probably the worst idea"

but hey, anyone worth a bit of salt should be able to re-direct their router and mask their own ip ;P

[Alex_Boss]

Thanks :P

[jamellathewhite]

Quote:

Originally Posted by naddo1

I did say at the top of the thread;

"this is probably the worst idea"

but hey, anyone worth a bit of salt should be able to re-direct their router and mask their own ip ;P

If you do succeed in forcing your way into the account server, which is highly doubtful. I would suggest getting a set up like this so when police come you may be able to escape a prison sentence.

[shaun2000]

U also may want to change your ip address and isp and use a proxy server for the Future. As by the looks of it they use china telecom system and those guys will hack u good . Also i know for a fact they use ip intrusion detection so u and your isp gets recorded. Id suggest u give up while your not in jail and buy 5bot.

[Ian*]

or what you could do if i you manage to get through their auth **** just setup a proxy and have you backdoor send data to the proxy ip and rout it to yours then delete it after you get what you want.