Defacing a website mean to spoil the appearance of the website. This is a common method of hacking generally, websites and blogs. There are some vulnerable sites hosted under vulnerable hosting servers. One of them is Microsoft IIS. Sites which are hosted in Microsoft IIS are vulnerable these days. The attacker can spoil the sites by using Windows Operating Systems. I will teach you the steps to deface a website which is hosted in Microsoft IIS. IIS Exploit allows you to upload your deface page without any authentication.
Note: I don’t recommend you to perform this trick. This is just for Educational purpose. I admit that if you violate this condition, TechnoStreak and I are not responsible. Always remember that your IP address may get noted.
Find a vulnerable site
Search for a vulnerable website which is hosted under Microsoft IIS. To do this, use the dork – “Powered by IIS” on Google and find a vulnerable website or use your own unique dork. A list of vulnerable websites are listed here: http://pastie.org/1389174
Steps to Deface a site
If you use Windows XP, your steps are given below:
- Go to Start > Run.
and press Enter.
- “Web Folders” Window gets opened.
- Choose File > New > Web Folder. A Wizard appears as shown in the below screenshot.
- Type the website’s address you want to deface in the text box and Click Next then Finish.
- Now you will be able to insert your HTML page (index.html) by simple ‘copy paste’ process.
You may be also interested in hacking Facebook Profile Picture: http://www.technofx.tk/hack-your-facebook-profile-picture/
If you use Windows Vista or Windows 7, your steps are given below:
- Go to Start > Computer.
- On Computer homepage, find a option Map Network Drive and make a click.
- Map Network Drive Dialog appears. Click “Connect to a Web site that you can use to store your documents and Pictures“.
- When ‘Add Network Location’ Wizard appears on your screen, click Next.
- Select “Choose a custom network location” and click Next.
- Type the web folder address (i.e the vulnerable site you want to attack).
- Enter a name to identify your web folder.
- Check on “Open this network location when I click finish“.
- Click Finish. Now you can insert your deface page.
That’s the end of the tutorial. Share your comments here. 🙂