Jumping Server Tutorial

Jumping Server - Its a method to  get access to all readable directories & possible databases on the particular server .

Requirements -

• Shelled Website
• Download Jumping.zip -  http://www.ziddu.com/download/18802285/jumping.rar.html

Step By Step Guide - 

• Download & Upload you Jumping.zip file to your shell .

.

• After uploading your jumping.zip file , now you have to extract it . so to extract it we will go to execute option & write the following command - " unzip Jumping.zip"  (without quotes ) .

• Once we have unzipped our files in the public_html dir ,then we can access them by going to www.hackedsite.com/jumping  . 

• So after once you have opened it , now you have to open barc0de mini.php file . The barcode mini.php shell is a 404 Private shell . when you open it it will show like 404 not found , but actually there is a place to enter password . After you enter your password you will be prompted inside . So the password for this shell is Hackers .

• Now you after to open jump.php . It will scan for all readable directories on the server & after the scanning is done , you can see the readable directories there as shown in the image below .

• So once you have got the list of the readable directories , then you have to run the scan.php it will scan scan for config & other files in that directory . 

• So finally you got the list of all the readable directories & the config files . so accordingly you can login into the MySQL Database & reset the websites password . To learn how to login into the MySQL database & reset the password click here ! .

Hope you all Liked the Tutorial & Special Thanks to the owner of Hackerzadda (AV) ; )
Any doubts just then just mention it Via Comments !
Comments would be appreciated :)

 

Sumber : http://www.hackingsec.in/2012/03/jumping-server-tutorial.html