如果你有一些HTML和JavaScript代码方面的知识,你就可以尝试入侵有密码保护的网站。这篇文章教给你如何简单的通过HTML代码入侵网站的方法。请不要滥用。
步骤
-
{"smallUrl":"https:\/\/www.zenmeban.com\/images_en\/thumb\/2\/29\/Hack-a-Website-with-Basic-HTML-Coding-Step-1-Version-2.jpg\/v4-460px-Hack-a-Website-with-Basic-HTML-Coding-Step-1-Version-2.jpg","bigUrl":"https:\/\/www.zenmeban.com\/images\/thumb\/2\/29\/Hack-a-Website-with-Basic-HTML-Coding-Step-1-Version-2.jpg\/v4-728px-Hack-a-Website-with-Basic-HTML-Coding-Step-1-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><\/div>"}
1
打开你要入侵的网站。在表单中任意提交错误的用户名/密码。(比如用户名:我,密码:' or 1=1 --)。这时对话框会跳出来提示用户名密码错误。从这里开始你要亲自动手了。
-
{"smallUrl":"https:\/\/www.zenmeban.com\/images_en\/thumb\/7\/7c\/Hack-a-Website-with-Basic-HTML-Coding-Step-2-Version-2.jpg\/v4-460px-Hack-a-Website-with-Basic-HTML-Coding-Step-2-Version-2.jpg","bigUrl":"https:\/\/www.zenmeban.com\/images\/thumb\/7\/7c\/Hack-a-Website-with-Basic-HTML-Coding-Step-2-Version-2.jpg\/v4-728px-Hack-a-Website-with-Basic-HTML-Coding-Step-2-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><\/div>"}
2
右键点击错误页面的任意位置,选择查看源代码。
-
{"smallUrl":"https:\/\/www.zenmeban.com\/images_en\/thumb\/0\/0b\/Hack-a-Website-with-Basic-HTML-Coding-Step-3-Version-2.jpg\/v4-460px-Hack-a-Website-with-Basic-HTML-Coding-Step-3-Version-2.jpg","bigUrl":"https:\/\/www.zenmeban.com\/images\/thumb\/0\/0b\/Hack-a-Website-with-Basic-HTML-Coding-Step-3-Version-2.jpg\/v4-728px-Hack-a-Website-with-Basic-HTML-Coding-Step-3-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><\/div>"}
3
这时你可以查看到HTML代码和JavaScript代码。找到一些类似<_form action="...Login....">的代码。在登录代码前面,找到你现在所在的页面URL,然后复制下来。
-
{"smallUrl":"https:\/\/www.zenmeban.com\/images_en\/thumb\/1\/17\/Hack-a-Website-with-Basic-HTML-Coding-Step-4-Version-3.jpg\/v4-460px-Hack-a-Website-with-Basic-HTML-Coding-Step-4-Version-3.jpg","bigUrl":"https:\/\/www.zenmeban.com\/images\/thumb\/1\/17\/Hack-a-Website-with-Basic-HTML-Coding-Step-4-Version-3.jpg\/v4-728px-Hack-a-Website-with-Basic-HTML-Coding-Step-4-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><\/div>"}
4
然后删除服务器上验证你登录信息的JavaScript代码。(做这一步要小心,你是否能成功入侵此网站取决于你能否删除这个验证你账户信息的JavaScript代码。)
-
{"smallUrl":"https:\/\/www.zenmeban.com\/images_en\/thumb\/b\/bb\/Hack-a-Website-with-Basic-HTML-Coding-Step-5-Version-2.jpg\/v4-460px-Hack-a-Website-with-Basic-HTML-Coding-Step-5-Version-2.jpg","bigUrl":"https:\/\/www.zenmeban.com\/images\/thumb\/b\/bb\/Hack-a-Website-with-Basic-HTML-Coding-Step-5-Version-2.jpg\/v4-728px-Hack-a-Website-with-Basic-HTML-Coding-Step-5-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><\/div>"}
5
然后仔细查看找到代码<_input name="password" type="password"> -> 用代码 "<_type=text> “替换掉"<_type=password>"。 如果那儿限制的密码字符长度小于11,就改成11。
-
{"smallUrl":"https:\/\/www.zenmeban.com\/images_en\/thumb\/8\/81\/Hack-a-Website-with-Basic-HTML-Coding-Step-6-Version-3.jpg\/v4-460px-Hack-a-Website-with-Basic-HTML-Coding-Step-6-Version-3.jpg","bigUrl":"https:\/\/www.zenmeban.com\/images\/thumb\/8\/81\/Hack-a-Website-with-Basic-HTML-Coding-Step-6-Version-3.jpg\/v4-728px-Hack-a-Website-with-Basic-HTML-Coding-Step-6-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><\/div>"}
6
然后文件另存为到电脑的任意位置,文件后缀为.html。比如文件名chan.html到c盘。
-
{"smallUrl":"https:\/\/www.zenmeban.com\/images_en\/thumb\/8\/8f\/Hack-a-Website-with-Basic-HTML-Coding-Step-7-Version-3.jpg\/v4-460px-Hack-a-Website-with-Basic-HTML-Coding-Step-7-Version-3.jpg","bigUrl":"https:\/\/www.zenmeban.com\/images\/thumb\/8\/8f\/Hack-a-Website-with-Basic-HTML-Coding-Step-7-Version-3.jpg\/v4-728px-Hack-a-Website-with-Basic-HTML-Coding-Step-7-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><\/div>"}
7
双击打开刚保存在电脑上的的文件chan.html。你会看到与源文件相比有所不同。不要担心。
-
{"smallUrl":"https:\/\/www.zenmeban.com\/images_en\/thumb\/3\/3d\/Hack-a-Website-with-Basic-HTML-Coding-Step-8-Version-2.jpg\/v4-460px-Hack-a-Website-with-Basic-HTML-Coding-Step-8-Version-2.jpg","bigUrl":"https:\/\/www.zenmeban.com\/images\/thumb\/3\/3d\/Hack-a-Website-with-Basic-HTML-Coding-Step-8-Version-2.jpg\/v4-728px-Hack-a-Website-with-Basic-HTML-Coding-Step-8-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><\/div>"}
8
提交任意用户名(比如:hacker)和密码(比如:' or 1=1 --)。这时就会成功入侵了刚才那个网站并且成功进入到网站服务器上数据库里存放的账户。
警告
- 修改代码一定要仔细小心,你是否能成功入侵很大程度上取决于能否有效删除验证你帐号信息的java scripts代码。