Sometimes site that is your TARGET just isn't hackable. Even Acunetix Web Security Scanner can't find useful vulnerability. In that kind of situation the only thing that might work is to hack site (backdoor site) that is on same server and through that site and through server to penetrate the site.

Tools required:

Finding Backdoor Site

To find backdoor site go to
and in Whois Lookup enter your TARGET site

As a result you'll get Whois Record

Look for Reverse IP
In our case 25 other sites hosted on this server.
Click on it to see names of the hosted sites on the same server.

You will see few of them, to see all, click on more...

To see them all you must be a member.
You can easily Sign up for a FREE account by cicking on Create an Account
(use some anonymous email service for that)
As a member you can see all 25 other sites hosted on that server.

Hacking Backdoor Site
Here we have 25 potentional backdoor sites and our target one.
Let's say after analysing we find that our backdoor sites No17 (as example) and target No22
Backdoor site can be any one from the list who can be hacked and sell uploaded 

Penetrate Target Site
By cicking on var/ at we go straight to root of the server

Where we can find our dir.
Sometimes premisions isn't drwx but dr-x which is more then enough to read configuration file

With data from that file we can hack unhackable site..


Post a Comment