4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution - we say welcome to you who have been searching for information via search engines such as Google, in a blog Tech Gallery, now we will discuss information about the 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution, we have been looking for a lot of information from a trusted and collect it in this blog, so you get the information complete and easy to understand, please read through:

Article DNS Hacking, Article Learn Hacking,

You can also see our article on:


After very long times I didn't write about hacking webserver, today "again" when surfing around I've found that Jcow Social networking engine can be exploited and the exploit ranking marked as "excellent".
So actually, what happen when you have this Jcow vulnerable version??The simple thing is the attacker can go through your web server directory and doing everything there. For example, if you hosting your Jcowvulnerable version(on insecure hosting also icon_smile ) you can own your web server directory.
In this example, let's say I have a Jcow vulnerable web server in IP address 192.168.8.94. Actually, it's better to try installing your own web server, but if you want to find out Jcow in the wild you can search through Google dork "intext: Powered by Jcow 4.2.0" and register as the normal user there. In this tutorial I have already registered as username: victim and password also victim icon_smile
Okay, I hope you understand what I say above icon_razz to make it more realistic, let's try the tutorial…

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution
4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

Level: Medium

Victim Server: work fine if victim uses Windows XP SP3
Victim vulnerable application: JCow 4.2
Attacker O.S: obviously you need Backtrack 5 R1

Requirement :

Here only you need bellow two item.
Which is your actual need.

1#. Metasploit framework

2.# Jcow.rb exploit mediafire.com

Now lets start this article.

Steps Hacking Jcow Social Networking Web Server via ArbitraryCode Execution Process:

1.#, first of all, you simply  Copy the 

downloaded cow.rb exploit from the 

download link above and copy it into /pentest/exploits/framework/modules/exploits/remote/ folder(for example see the command below).
cp jcow.rb /pentest/exploits/framework/modules/exploits/remote/
now you see the text "framework" in blue color it's only because I'm using 

Backtrack 5 R1 and using Metasploit 

v4.0.1, so the name depended on 

your Metasploit version, maybe on your 

the computer can be "framework3" or 

"framework2" so on..so don't have

confused.

2.# now when you copy successfully 

after that, simply  Open your Metasploit 

console and then use the exploit you just added before see bellow 


msf > use exploit/remote/jcow


3.# now when you complete step 2, The 

next step we need to view the available 

switch for this exploit by running the show 

options command, and then configured it(see the text with red color).
jcow_bypass1
msf  exploit(jcow) > set rhost 192.168.8.94 --> set the target IP
rhost => 192.168.8.94
msf exploit(jcow) > set username victim --> set the username
username => victim
msf exploit(jcow) > set password victim --> set the password
password => victim
msf exploit(jcow) > set uri jcow --> only if jcow not in/directory fill it here
uri => jcow
Importent:::?

Set URI can be used if cow was not 

installed on web server main directory

for example http://web-server.com/jcow.

4#. now your work has been almost  

done , After everything was set up 

successfully, the next thing to do was 

exploiting or running the exploit by using

  exploit command.


Information about the 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution we have conveyed

A few of our information about the 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution, I hope you can exploit carefully

You have finished reading 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution and many articles about Tech Gallery in our blog this, please read it. and url link of this article is https://littlebitjohnny.blogspot.com/2016/01/4-steps-hacking-jcow-social-networking.html Hopefully discussion articles on provide more knowledge about the world of new tech gadgets.

Tag : , ,
Share on Facebook
Share on Twitter
Share on Google+

Related : 4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

7 comments:

  1. For more credit cards, visit kangkarding.blogspot.com

    Cardholder Name : Michael L Haney
    Card Number : 4000 2205 0547 2262
    Expiration Date : 07 / 2019
    Cvv2 : 570
    BIN/IIN Info : NAVY F.C.U. - DEBIT - CLASSIC
    Sort Code : - -
    Routing Number : 256074974
    Account Number : 7048913052
    Mother's name : Newkirk
    First Name : Michael
    Last Name : Haney
    Address Line 1 : 69 tall pines way apt D.
    Address Line 2 :
    City/Town : Newport News
    State : Virginia
    Zip/PostCode : 23606
    Country : United States
    Phone Number : 7573164234
    DOB : 10 / 6 / 1987

    Contact: kang.karding@gmail.com

    ReplyDelete
  2. 
Hello everyone do you need to hack a Facebook account? i know of someone who can help.
    Mr James via .I saw a review about him and I needed help hacking my wife’s Facebook account so i contacted him and he said he was going to help me.I gave him the information he required about her account and afterwards i received all my wifes Facebook activity linked directly to me. He was reliable and trustworthy i just want to say thank you. If you need help you can contact him via Email(Worldcyberhackers@gmail.com) 

    ReplyDelete
  3. If you are searching for Mobiles customer care number, then don’t worry. Here we will provide you every details of all network operators. From Aircel, Vodafone, Idea to BSNL Customer Care Number, you will get it here. Get Toll-Free Numbers of every mobile network operator.

    mtnl customer care number

    airtel customer care number

    bsnl customer care number

    Reliance Jio Customer Care Number

    airtel dth customer care number

    snapdeal customer care number

    flipkart customer care number

    ReplyDelete
  4. Aircel, Vodafone, Idea to BSNL Customer Care Number, you will get it here. Get Toll-Free Numbers of every mobile network operator.


    mobikwik customer care number

    ReplyDelete
  5. ccnumbers.in provides customer care numbers for leading mobile, broadband and television service providers.

    airtel customer care number

    mobikwik customer care number

    idea customer care number

    ReplyDelete