SECUGENIUS SECURITY SOLUTIONS --------------------------------------------------------------------------------------
(A UNIT OF HARKSH TECHNOLOGIES PVT. LTD)
Company Profile: Secugenius Security Solutions is a Student Entrepreneurial Company started by 2 Social Student Entrepreneurs in 2010 with an aim to make our country Cyber Crime Free. Free. We at SECUGENIUS are headquartered at Ludhiana, the Manchester of Punjab. The main activities of Secugenius Security Solutions are providing training in Information Security and various professional courses. Secugenius Security Solutions is an organization which believes in inventing and implementing new ideas to influence the technological minds of the youngsters Looking at the number of Cyber Crimes since last many years, We at Secugenius Security Solutions provides training on Ethical hacking & Cyber Security to students, IT Professionals, Bank Employees, Police officials. Secugenius conducts workshops in all parts of the country in various Colleges/institutions for the benefit of the students & making them aware of the latest trends in technological era of the Computer age. We believe in spreading knowledge to all the youngsters & growing minds of the nation so that they could serve the nation with perfect skill-sets in the field of Cyber Crime Investigation & Forensic Sciences Secugenius provides various security solutions to its clients by securing their websites from cyber attacks. We provide training to college students, graduates and professionals in various fields. Education is delivered to students through two modes i.e. Regular mode and Distance mode which are available as short term and long term courses. In the workshops conducted by Secugenius, participants can claim to be trained by the highly experienced & skilled corporate trainers from different parts of the nation. We believe in making the base of students to be as strong as possible. All the modules have been designed in order to provide students with specialized knowledge by specialized trainers. This library was furnished, managed and funded by the Founders and Directors of Secugenius Er. Harpreet Khattar & Er. & Er. Kshitij Adhlakha. Adhlakha . The overall resource person for the content of the series of this Digital Library is Er. Chetan Soni - Sr. Security Specialist, Secugenius Security Solutions.
This Online Digital Library has been initiated as a free resource & permanent resource on specialization basis for every student of Team Secugenius.
Symlinking – Part 2 Product ID No: SG/ODL/13036 Founder & Director: Harpreet Khattar & Kshitij Adhlakha Resource Person: Chetan Soni Secugenius Security Solutions SCO-13A, Model Town Extn, Near Krishna Mandir, Ludhiana-141002, Punjab – India
[email protected],
[email protected] www.secugenius.com , www.seculabs.in
Symlinking – Part 2 A Symlink Aka Symbolic Link is a virtual link pointing to a file in a directory. In shared Linux environment hard disk space in divided in several parts for different account. Syntax: ln-s target_file_pathnew_file_name
Step 1 – First of all make a blank directory in your shell so that we can upload our symlink shells and related files. You can also create directory by typing this command, mkdir cyber
Step 2 – Upload these files i.e. confkiller.php , sql.php , sym.php in your cyber directory.
Step 3 – Open your Sym.php shell in your browser by typing this path i.e. http://example.com/cyber/sym.php and here it shows can’t read /etc/named.conf
Step 4 – Now Click on Symlink Bypass and it shows all list of usernames (/etc/passwd) file. After some result, click on Symlink button.
Step 5 – After clicking on symlink button, it’ll shows all users.
Step 6 – You can also use this confkiller shell which is made by Team Indishell, In this shell, click on “use to generate PHP.ini” link.
Step 7 – After this , click on “use to Extract usernames” link.
Step 8 – After this, Click on “Let’s Start” Button.
And Now click on “Configuration Files”
Step 9 – Here’s it shows all configuartion files of that server.
Step 10 – Open any configuration file (wp-config.php) and note down DB-USER and DB-PASS and put it into sql.php
Step 11 – Now Open sql.php and fill all details in it and click on Enter button.
Step 12 – Here’s You entered into Database of that website, now click on Tables.
Step 13 – Now to wp_options tab and click on Data for finding the Website link.
Step 14 – In the first line, you got the website name.
Step 15 – Now Go back and go to wp_users and click on Data button.
Step 16 – Here you got the admin username and admin password, but the password is in encrypted form, so its time to decrypt it.
Step 17 – Now go to some MD5 decrypter sites and crack this password, Here we use http://md5decrypter.co.uk
If you failed to decrypt the password then we use this method http://10minutemail.com It will creates a randomly generated mail address.
Step 18 – Now Change the user_email with your temporary Email Address.
And Now go to the login page of that site and click on “Lost your Password” In Wordpress based sites , the default login page will be http://example.com/wp-login.php or http://example.com/wp-admin
Step 19 – Now put your temporary mail address and click on “Get New Password”
And check your 10minutemail.com site and within 2-3 minutes, you got a mail with subject “Password Reset”
Open your mail and here’s a link for reset your password.
Click on this link and it will ask “New Password”
Step 20 – Now login your panel with username and password (u – admin and p – admin)
Step 21 – Now its time to upload your shell on this wordpress website by click on Appearnce -> Editor.
Step 22 – Now Select ant theme, so here’s we choose “Twenty Ten” theme The path of this theme will be , http://example.com/wp-content/themes/twentyten/
Now open “author.php” file and paste your shell here.
Step 23 – Paste your Fav shell here, I choose my fav shell (404.php)
Now open this author.php file in your browser, http://example.com/wp-content/themes/twentyten/author.php