|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 47
Members: 0
Total: 47
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Del LOGS |
|
Posted: Sun Sep 12, 2004 2:58 pm |
|
|
AkageMuka |
Regular user |
|
|
Joined: Sep 11, 2004 |
Posts: 5 |
|
|
|
|
|
|
|
When we hack some page... Is there any way to del all the LOGS so the admin will not see our IP ? |
|
|
|
|
Posted: Sun Sep 12, 2004 4:15 pm |
|
|
hebe |
Advanced user |
|
|
Joined: Sep 04, 2004 |
Posts: 59 |
|
|
|
|
|
|
|
if you don't make a post your ip didn't logged also you could use high anoymous proxys |
|
|
|
|
Posted: Sun Sep 12, 2004 10:09 pm |
|
|
AkageMuka |
Regular user |
|
|
Joined: Sep 11, 2004 |
Posts: 5 |
|
|
|
|
|
|
|
Whats the way of using anonymous proxy?
I've heard that there is way to del the logs with your IP address |
|
|
|
|
Posted: Mon Sep 13, 2004 4:09 am |
|
|
morrowasted |
Regular user |
|
|
Joined: Sep 06, 2004 |
Posts: 10 |
|
|
|
|
|
|
|
|
_________________ I'm new to all this, sorry for my dumbness. |
|
|
|
|
a |
|
Posted: Mon Sep 13, 2004 1:39 pm |
|
|
SteX |
Advanced user |
|
|
Joined: May 18, 2004 |
Posts: 181 |
Location: Serbia |
|
|
|
|
|
|
|
_________________
We would change the world, but God won't give us the sourcecode...
....Watch the master. Follow the master. Be the master....
------------------------------------------------------- |
|
|
|
|
Re: Del LOGS |
|
Posted: Sun Sep 19, 2004 8:22 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
AkageMuka wrote: | When we hack some page... Is there any way to del all the LOGS so the admin will not see our IP ? |
You must just attack deeper - from sql injection/session hijack/xss/etc
to script level/shell level access (through remote inclusion, or
using admin privilieges, like in case of coppermine's shell commands
injection). Now, when you have "apache" or "nobody" low-privileged
user shell access, then you can upload r00tkit and try to elevate permissions level to r00t (through local r00t expl0its). And if you are r00t,
then you can wipe out all the logs - apache logs, etc...
Of course, there can be many obstacles - like restrictive firewalls, IDS and IPS, etc. And by the way - if you just deface some website or forum,
then there is probably no danger from admins. They will restore
site from backups and they will not advert the fact, they were "hacked".
But as soon as you will try to get r00t access, counter attack from admins can be real - i mean cops and stuff |
|
|
|
|
|
www.waraxe.us Forum Index -> Cross-site scripting aka XSS
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|