How to Hack
This article has been created for give to know the possibilities that it is any hacker can change any web never for that an person use it for violate the intimacy the other person(Hacking). 
Sorgo doesn't become responsible for the undue use of this document, if you not these according, closes this article and erases any copy that you have in the HD(Hard Disk).

Is probable that  don't work anything of what we say here, but it will guide you and you will understand better as work the hackeds. 

The level of this document is basic and helped you to begin to make something "useful".

 

Kevin Mitnick (Phoenix) the best hacker.
 Two different webs.
Is very important see the differences of two webs types, the first is the personal web that can be modified by the user by means of the key that has given their server that gives service web(terra,yahoo,xoom.....), the second is the web the of server that to modify is needed to be and aministrator or root (users with big privileges).
Is different get the password the an normal user or the aministrator the an server.Yes we need the password and login for modify the web, is the main objective of our mission.
We will begin with the password of normal users, these passwords is characterized to the simple and easy that are of remembering , if your know the users of the web you can prove some common words for example (birth date, the name of their dog, woman,children......) be not too much time proving only what your patience admits and if you have access to machine see any word that seem to a password, in a lager part of companies the great security the password this under the keyboard. 
Is possible get the password using “social engineering” talk with the user, attempts that tells you the password (put imagination to the conversation). Also you have attempts infiltrate him a troyano type BO or NETBUS for take out him the file password, you will have that invent a history for that allow use those troyanos. 
If we get the password file of the server is the moment the get an user and to use the “John the Ripper” (the john the ripper is one of the programs the cracking the password file for unix,linux,.... good known. 

The problem will be to get the password file, thatwe will explain next. 

Get the password file of the administratoris not easy using an exploit (program that use an BUG or hole in the Operate Sistem). 

The first that you can prove is get the password file using FTP and when it has not result it is the moment to use the PHF, Write this line in the navegator: 

http://www.host.com/cgi-bin/phf?Qalias=%0a/bin/cat%20/etc/passwd 

Change host.com for the name of the server. 

If this result we will have the password file in our monitor but in the majority of the serves it is repaired. 

If you see and (*) or (x) behind of the (root:)then it means that the file is shadow means that you need another filethe SHADOW that you can get changing in the end of the line ofPHF the word (passwd) for (shadow), the PHF is valid for any file, only limited for you imagination. 

Another option the get password file is have a user count in the server and use telnet, would be a miracle can use (cat) or (more) and edit the password file and the shadow. 

See the version of the server, ftp, apache........ and find esploits in internet, some esploits will be necessary compile in the server another only have that write any command. 

For compile exploits use (gcc or the SO of the server) and when they are compiled run the exploit, in all the server is not possible compile. 

Only use this document in your servers. 

mmmmmm......i don´t remember if that server of the Africa or Chine is my. Is important?
Select to connect other users count and jump the any server to other server before entering in the final destination also can use a zapper for eraser the rake of the servers, the zapper they are used the same as the exploits.
 

An SUN server with Red Hat is any of the most common and effective configurations.
 
Webs on search news, exploits, programs, etc........

http://www.rootshell.com/
http://www.openwall.com/john/
http://www.h-d-c.org/download/exploits.htm
http://www.insecure.org/sploits.html

Good luck.

by Dalamar
www.sorgonet.com

Warning: include(../../sorgonetcounter.php): failed to open stream: No such file or directory in /home/content/66/4455066/html/security/How_to_hack/index.php on line 153

Warning: include(): Failed opening '../../sorgonetcounter.php' for inclusion (include_path='.:/usr/local/php5_6/lib/php') in /home/content/66/4455066/html/security/How_to_hack/index.php on line 153

Fatal error: Call to undefined function SumarVisita() in /home/content/66/4455066/html/security/How_to_hack/index.php on line 154