dEEpEst Posted May 27, 2016 Share Posted May 27, 2016 Step 1 – Search for them Yep,make a Google dork to find sites running Apache and PHP 4.4 . Its quite easy. Step 2 – Scan them Start by scanning them using Nmap,Do and intense scan and find the open ports. If you find port 2000 open,then you have almost got it. most websites running PHP4.4 have this port for admin login. Now just login using port 2000 ie - Quote: This is the hidden content, please Sign In or Sign Up and you will be comfortably login into admin page like this - This is the hidden content, please Sign In or Sign Up Step 3 – Hack them Now in the fields,you have to type - Quote:username – admin password – a’ or 1=1 or ‘b domain - a’ or 1=1 or ‘b This is the hidden content, please Sign In or Sign Up and press go,you will login into admin This is the hidden content, please Sign In or Sign Up voila..you have hacked into admin. Actually sites based on PHP 4.4 have the vulnerability in them that they are vulnerable to SQL injection.It will literally take 20 seconds. I hope that was informative This is the hidden content, please Sign In or Sign Up go learn something. Link to comment Share on other sites More sharing options...
junaid22 Posted May 28, 2016 Share Posted May 28, 2016 Re: Hacking PHP 4.4 sites in 20 seconds caballo, thats very old and copied word by word Link to comment Share on other sites More sharing options...
Recommended Posts