More on Telnet: the
Number One Hacker Tool
So how do you send stuff back to the webserver? Try this:
GET / HTTP/1.0
<your command here>
What kinds of commands can you send? The book Hackproofing
Your Network (by Ryan Russell of Securityfocus.com and Stance
Cunningham) suggests a fun and harmless hack. Create and store
a bogus cookie in the location on your web browser that stores
cookies. (Find it by searching for the file "cookies.txt".)
Name your bogus cookie something like "MyBogusCookie."
Then telnet to the victim webserver and give something like this
GET / HTTP/1.0
User-Agent: HaveABogusCookieThisIsAJoke 123.4
Cookie: /; MyBogusCookie
The Überhacker! --
How to Break into Computers book details a number of serious
attacks you can perform through sending funny input to a webserver.
Basically, you need to learn how to write shell programs, and
then find ways to get them to be run by the webserver. I'm not
going to explain them here, however. These attacks, when carried
out against a vulnerable webserver, are so easy that little kids
could do them, and I don't want to be responsible for their behavior.
It's much harder for little kids to get a hold of Russell's and
my books than it is for them to read this GTMHH on the Happy
So are you dying to know what to send a webserver in order
to break into it, without having to buy a book? Here are some
hints. How to do this will depend on what webserver it is, what
operating system it runs on, whether its security weaknesses
have been fixed, and whether the web designer has used things
such as Common Gateway Interface (CGI) or Server Side Includes
(SSIs) that have weaknesses in them.
You will have to research these issues at Web sites that archive
vulnerabilities and exploits such as http://www.securityfocus.com
You will need to study web site programming (HTML -- hypertext
markup language, CGI and SSIs) and shell programming. You will
need to learn webserver commands (documented at http://www.w3.org/hypertext/WWW/markup/Markup.html).
You will have to use your brain and be persistent.
But at least if you come across a telnet exploit, now you
know the answer to the question "where do I type that command?"
Where are those back issues of GTMHHs and Happy Hacker Digests?
Check out the official Happy Hacker Web page at http://www.happyhacker.org.
We are against computer crime. We support good, old-fashioned
hacking of the kind that led to the creation of the Internet
and a new era of freedom of information. But we hate computer
crime. So don't email us about any crimes you may have committed!
© 2000 Carolyn Meinel. You may forward, print out or
post this GUIDE TO (mostly) HARMLESS HACKING on your Web site
as long as you leave this notice at the end.