its possible .. but he most likely doesnt know anything ...My friend claims he can hack almost any website?
Your friend is lying.
He's probably learned tracert and nslookup to impress people with all the ';hacker code';, or perhaps he's gotten his hands on a copy of nmap, and performs impressive-looking port scans.
Regardless, I can assure you that he is lying, and he cannot ';hack any website';.
he's a liar bcz it's not an easy job he has to go into million and million of operations and he will succeed only if the desired website has a security flaw and if it hasn't then it's impossible
Tell him to have another drink.
while it is possible i'm betting your friend is BSing you, maybe thats why he won't tell you how he did it.
there use to be a way in IIS if the site was setup in the default directory to get in by going up a couple directories and get to the command line of the system, from their you can pretty much do anything but thats been fixed long ago. Most Web managers didn't use the default structure anyhow
i used to tell people that same thing when i was in high school. i'd pull up telnet, login to a linux box i had at home, and run some bs script that showed nothing but random ascii characters. then i'd look over my shoulder at a buddy and say ';dude, look. im rooting their box!';
they didn't know any better and thought i was god.
stupid kids ;)
don't let your buddy fool you.
sounds like he`s pulling your leg to make himself sound good, do you really believe that they`d leave a backdoor on a server that anyone can access? i think he`s full of crap most hackers use linux and hate windows xp.
';backdoors'; are not automatically on a server. Someone would need to infect a computer for a backdoor to exist on it. So if he is telling you he is getting onto a major website as the ones you have mentioned via a backdoor then he probably is misusing the term.
Websites like MySpace are very easily hacked into because the people setting up their accounts do not secure them properly.
One way they get hacked is: they download templates from less than reputable sources which contain malicious code, that provides access, etc..
Or they allow people to add comments without requiring approval and the person leaving the comment uses malicious script in the comment (since html wasn't disabled by the account holder).
etc...
Most likely he is pulling your leg. I would tell you to insist he hack into a site from start to finish, one that you yourself first secure, but in telling you to do that might stradle a legal line, so I won't.
In general, it is not as easy as most people think it is to hack into a site... and in some cases it is.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.