If your target website is not vulnerable, but you really want to hack it, you could do a IP lookup on this website: Reverse IP Lookup - Find Other Web Sites Hosted on a Web Server.
How to get the IP of your target? Open up cmd (Run->cmd.exe or in
Vista/7 press 'Start button' and in the search bar enter cmd, then click
it) and type 'ping targethost.com'. Targethost.com is your target of
course. You will see something like this: Pinging it-sec.biz
[204.236.239.5] with 32 bytes of data:. In the brackets ([]) you can see
the remote IP. Now enter it on the given website (above). You will get
every website that is hosted on the server (same hosting). It makes you
the job much easier, because the chances of hacking your target website
are much bigger. You need to exploit only one of them to get to your
target. If you managed to upload a shell to one of these websites, you
can be 80% sure that you got your target, of course if it uses a SQL
Database (Uses every Forum, Blog and other CMS's.)
After you uploaded a shell, upload this great php script coded by the UrduHack Team called 'symlink_urduhack.php' Download here. It creates a symlink to your target website. Read more about symlink here.
So you need to know what CMS your target is running and you need to know where the config file is located. For example in MyBB it is located in 'inc/config.php', in vBulletin it is located in 'includes/config.php'. In the uploaded shell (not on your target host, on the website you did it) run a command: cat /etc/passwd
This Unix command will display you the contents of the passwd file located in the etc folder. That means, every user on the system. If your target's website is 'forumpowered.com' (example) you need to search in the /etc/passwd file something with 'forum' or 'forumpow'. If you find something like this, you can be sure it is your target. Use CTRL+F for fast search.
Once you found it, go to the shell home (to the directory where the shell was uploaded) and look for the path in the top. It will be something like this: /home/[namehere]/public_html/. Copy it to notepad, and replace your username with your targets one, 'forumpow' (example). Open the uploaded file 'symlink_urduhack.php' in your browser and paste there the path from notepad. It will create a symlink to the target website. Click the symlink0 hyperlink. If everything worked fine, you will be able to see all files on the target site. (Even read). But it does not work always, so let's create a direct symlink to the configuration file, so you can connect to the database and read the contents.
Let's imagine, the target forum is running vBulletin and you need to get the content of the config files. You would enter this: /home/forumpow/public_html/includes/config.php. Would create a direct symlink to this file. Now you can use your SQL Manager on your shell to connect to the database.
Now, maybe the most hard part is decrypting the passwords... You can follow this tutorial or you can simply update the password and salt with already cracked ones and login with it.
After you uploaded a shell, upload this great php script coded by the UrduHack Team called 'symlink_urduhack.php' Download here. It creates a symlink to your target website. Read more about symlink here.
So you need to know what CMS your target is running and you need to know where the config file is located. For example in MyBB it is located in 'inc/config.php', in vBulletin it is located in 'includes/config.php'. In the uploaded shell (not on your target host, on the website you did it) run a command: cat /etc/passwd
This Unix command will display you the contents of the passwd file located in the etc folder. That means, every user on the system. If your target's website is 'forumpowered.com' (example) you need to search in the /etc/passwd file something with 'forum' or 'forumpow'. If you find something like this, you can be sure it is your target. Use CTRL+F for fast search.
Once you found it, go to the shell home (to the directory where the shell was uploaded) and look for the path in the top. It will be something like this: /home/[namehere]/public_html/. Copy it to notepad, and replace your username with your targets one, 'forumpow' (example). Open the uploaded file 'symlink_urduhack.php' in your browser and paste there the path from notepad. It will create a symlink to the target website. Click the symlink0 hyperlink. If everything worked fine, you will be able to see all files on the target site. (Even read). But it does not work always, so let's create a direct symlink to the configuration file, so you can connect to the database and read the contents.
Let's imagine, the target forum is running vBulletin and you need to get the content of the config files. You would enter this: /home/forumpow/public_html/includes/config.php. Would create a direct symlink to this file. Now you can use your SQL Manager on your shell to connect to the database.
Now, maybe the most hard part is decrypting the passwords... You can follow this tutorial or you can simply update the password and salt with already cracked ones and login with it.
