What you are targeting when exploiting a web site is pretty much any server hosted on the computer that the web site is on. The usual targets to consider are the web server itself and any FTP server. First, use a tool like Sam Spade, netcat, or whatever you prefer to banner grab the server (view the service banner to establish what type of server it is). Once you have found what server they run and which version they use, visit securityfocus.com or any other security site that offers security notices and exploits to find out what that version of that server is vulnerable to. Then run these exploits as needed to see if you can hit a weak point. Common vulnerabilities to look for are configuration vulnerabilities (misconfiguration by the administrator when setting up the server that allows files that aren't supposed to be shared to be shared) and product vulnerabilities (vulnerabilities within the server software itself that allow exploitation).

You can also try to break open the server by targeting the FTP server, if one is hosted on the host to provide remote administration for the webmaster. If the server allows anonymous access, you can banner grab the FTP server (through netcat or telnet, by simply telnetting to port 21 on the host) to find out what sort of FTP server software is used, and then follow the steps listed above. Otherwise, if anonymous access is not allowed on the FTP server, you would probably want to find another point of entry.

Once you are in, you will want to already have an index page made on your computer to switch out with the index page already on the server. The best thing to do is, if for example the index page on the server is called index.html, rename the index page on the server to index2.html, and then upload your revised index.html page onto the server.
That way you are not destroying the original work. This is of course not something you have to do, but I'm just trying to give you some ethics to follow. There is no point in needless destruction when you can get the same task accomplished without much damage to the server itself.

Another thing, which I shouldn't even have to mention, is to NEVER EVER make a direct connection to your target. Not even to banner grab. Always forward your traffic through a SOCKS/proxy server, and it's better to chain your proxies in order to make it harder to track you down (to chain proxies, simply add a space between each proxy address in your browser's LAN settings; the browser will recognize this and chain through every proxy listed). If you need to use telnet to banner grab an FTP server, download PuTTY (an SSH/telnet/rlogin client) and configure its settings to forward through a SOCKS server. If you are using your browser to test for vulnerabilities, just configure your browser to chain through at least 6-10 proxies. The point is that you never want to leave anything that can be traced back to you, so it's essential that you never make a direct connection at any time.

When you are done replacing the current index page with your own, you will want to look through the folders on the web server for logs. These are pretty simple to find, considering the log files are usually located in folders called "logs" or something along those lines. When you go into this folder you have two options: you can simply delete all the logs, or you can go into them yourself and edit the logs. I guess either one will do just fine, considering it's not like they aren't going to notice that you were in, since you defaced their web page. Anyway, I hope you found these tips useful, and I wish you the best of luck.
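From the defender's side, the sequence this post walks through (an anonymous FTP login, a rename of the index page, an upload of a replacement, and deletion of files under a logs folder) leaves a recognizable trail in FTP logs. The following detector is an added example, not code from the original post; it assumes a constructed, simplified one-event-per-line log format rather than any particular FTP server's real format.

```python
"""Flag FTP sessions that match the defacement pattern described above:
anonymous login, rename of the site's index page, upload of a new index
page, and deletion of log files. Log format is constructed for this example:
"<timestamp> <session-id> <user> <command> <argument>" per line."""
from collections import defaultdict

INDEX_NAMES = {"index.html", "index.htm", "index.php"}
ANONYMOUS_USERS = {"anonymous", "ftp"}

# Constructed sample log: session s1 is the attack pattern, s2 is a normal update.
SAMPLE_LOG = """\
2024-03-01T10:01:02 s1 anonymous LOGIN -
2024-03-01T10:01:10 s1 anonymous RNFR /htdocs/index.html
2024-03-01T10:01:10 s1 anonymous RNTO /htdocs/index2.html
2024-03-01T10:01:30 s1 anonymous STOR /htdocs/index.html
2024-03-01T10:02:01 s1 anonymous DELE /logs/access.log
2024-03-01T11:00:00 s2 webmaster LOGIN -
2024-03-01T11:00:20 s2 webmaster STOR /htdocs/news.html
"""

def parse(log_text):
    """Group events by session id -> list of (user, command, argument)."""
    sessions = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split(maxsplit=4)
        if len(parts) != 5:
            continue  # tolerate malformed lines instead of aborting the scan
        _ts, session, user, cmd, arg = parts
        sessions[session].append((user, cmd.upper(), arg))
    return sessions

def analyse_session(entries):
    """Return a list of findings for one session (empty if nothing suspicious)."""
    findings = []
    renamed_index = False
    for user, cmd, arg in entries:
        name = arg.rsplit("/", 1)[-1].lower()
        if cmd == "RNFR" and name in INDEX_NAMES:
            renamed_index = True  # index page moved aside (e.g. to index2.html)
        elif cmd == "STOR" and name in INDEX_NAMES and renamed_index:
            findings.append("index page renamed then replaced")
        elif cmd == "DELE" and "/logs/" in arg.lower():
            findings.append("log file deleted: " + arg)
    if findings and any(u.lower() in ANONYMOUS_USERS for u, _, _ in entries):
        findings.insert(0, "activity by anonymous FTP user")
    return findings

def scan(log_text):
    """Map session id -> findings, keeping only sessions with findings."""
    result = {}
    for session, entries in parse(log_text).items():
        findings = analyse_session(entries)
        if findings:
            result[session] = findings
    return result
```

Running `scan(SAMPLE_LOG)` reports only session s1; a file-integrity baseline of the document root catches the same replacement even when the FTP log itself has been deleted.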