Most people who are programmers or other technical experts have started their own serious path of computer gurus with an attempt to hack something. Game or site - it does not have a strong meaning. There is also a small warning - this information is located here solely for informational purposes and its use and application in practice is strongly discouraged. Also, to avoid negative consequences, everything will be described in general terms without specificity, such as program names or detailed hacking algorithms. And in the end it will be considered how to hack the server into the admin area.
Introduction
So, how do servers crack? The very first step in any strategy is port scanning. This is done to find out which software is installed. Each open port is a server program. Example: on the 21-m port is FTP. If you connect to it and get the appropriate rights, you can safely download or upload any files. First you need to scan the first 1024 ports. Here you can find many standard services. Each of them is a kind of door. And the more of them, the easier it will be to find out that one or more of them are not closed. To a large extent, everything depends on the computer skills of the administrator that looks after the server. The received information on weaknesses should be written down on the independent carrier (a sheet of paper or a tablet).
Next, you should check everything above 1024 ports. Why? The fact is that the programs that are on them may have vulnerabilities or someone previously mimicked the server. And malware always keeps its "door" open. Further learn the operating system. Oh yeah, and if you decide to crack something, then it's better to destroy all recorded data before your valiant militia finds you. This information is enough to implement a simple hack. In addition, there are many websites on the Internet, where information on new weak spots is published. And given that many of the servers do not update their security due to negligence or unqualified administrators, many of them can be hacked and "old" problems. You can find them with the help of special programs. But if everything is closed and there is no approach (which is unlikely), then wait for publications about new security holes. Here's how real servers crack real professionals. It is clear that this is not a matter of a minute, but is carried out after hours, days and weeks of hard work.
Security testing
Almost every day, security specialists are and eliminate various shortcomings. Usually they know how servers are hacked, and they do everything to prevent this. Therefore, it is likely that when you have to look for a weak spot for a long time. But even so, there is no universal base for all the shortcomings, so if you want to identify problems, you must stock up with time, patience and a lot of programs. After all, to identify the slack and use it in most cases is much easier than patching them.
How is the actual breaking of the remote server?
Many problems arise because of CGI scripts. Therefore, it is not surprising that they are a priority goal. This is due to the universality of the programming languages on which they are written. As a result, functions in scripts transmit data that are not checked, but immediately sent to potentially vulnerable places. The weakest language in terms of security is Perl. Others, like PHP and ASP, also have holes, but there are fewer. Relatively secure is considered Java, but because of the slow processing of data, it is reluctant to use. But the biggest problem is the human factor. Many self-taught programmers do not even think about security. So in this case some good CGI scanners will help.
Where can I find the required data?
So we looked at how servers crack. And how to find out what you need, and where? It all depends on what you need to find. So, if this file is on the server itself, then this is one thing. If you need to make changes to the database - it's completely different. You can get the file when you can download it from the server. For such cases, the 21st port is suitable. To change the data of the database it will be necessary to additionally gain access to it or the file that it edits.
An example of hacking in general
How does hacking from A to Z actually occur? Let's take a look at this process with the example of gaining access to the game server Contra Strike. This choice was made because of the popularity of this entertainment. How to hack the server into the admin area, because they are of the greatest interest? There are two main ways - simple password selection and more sophisticated. One of these more complex and effective ways are backdoors. They mean entering the console through open ports within the boundaries of 27000-37000 and editing a file that indicates who is the administrator. There are other ways of hacking the server "CS", but remember that these actions are illegal!