Jump to content

This ''Backdoor access''


Guest A Weekend In The City
 Share

Recommended Posts

Courtesy of wacko

ok, ill try and repeat what neil said but in easy steps

1. click start

2. go to all programs>accesories

3. right click on notepad

4. select run as administrator

5. if a pop up box comes up click yes

6. in notepad click file>open

7. paste c:\windows\system32\drivers\etc\HOSTS into the bar at the bottom (you may need to change the dropdown menu to all files)

8. paste 194.168.202.201 glastonbury.seetickets.com into the bottom of the notepad document.

9. click save

10. close your web browser

11. open internet explorer

12. go to the address http://glastonbury.seetickets.com

We all owe wacko some pints

Link to comment
Share on other sites

Hi, thanks it worked!

However, my confirmation email came from this address donotreply@glastonbury.co.uk - is that okay? Going to http://www.glastonbury.co.uk/ isn't the Glastobury festival website... can someone confirm that this email address is the legit one please?

Thanks.

yeah - it's not a fake email.

They've messed up with the email address they've written into the mailing program, that's all.

Link to comment
Share on other sites

I know this is all irrelevant now, but it's been bugging me and am losing sleep over the fact that I could not get to grips with this!

So just wantto know if everyone had to put in a password? When I went to the 'run as admin' it asked me for a password..of which I didn't know mine so couldn't proceed any further.

So did everyone have to do this...as it doesn't seem to be mentioned in any of the steps? And also, where would I of found my password as I don't remember ever making one up????

This has just been bugging me as I'm usually pretty good with teccy things :-/

Link to comment
Share on other sites

I am guessing you are running Vista or Windows 7, in which case the funny User Access Control (UAC) thing is obviously turned on. I assume it asked for an Admin password when you tried to edit or save the modified hosts file. You may already be an Admin on your PC if its your own, in which case you should have tried your normal logon password, but a work one would have been locked down by the IT people there.

Tbh, no-one really needed to go as far as editing their hosts file anyway to achieve this advantage - all browsers allow you to bang in an IP Address instead of a URL in the address field if you don't need them to lookup the IP for the Domain in DNS (since obviously you already have it).

Link to comment
Share on other sites

Tbh, no-one really needed to go as far as editing their hosts file anyway to achieve this advantage - all browsers allow you to bang in an IP Address instead of a URL in the address field if you don't need them to lookup the IP for the Domain in DNS (since obviously you already have it).

I tried that, and it went to the server's front page rather than the front page for the configured glastonbury.seetickets.com domain.

Did you do it and get a different result? Weird if you did.

Link to comment
Share on other sites

Hmmmm. Curious. Can't explain that. My logic is that in some popular OS'es, Windows included, default TCP/IP settings point all TCP/IP clients at the local hosts file before looking for a configured IP for a DNS server to query for the domain. Thus, add IP and FQDN to hosts file and it does not bother to look up via public DNS as it gets the result from there.

Similarly however, bang the IP into the address field and the browser (just another TCP/IP client) does not need to even look into hosts file or query DNS as you have already implied you have the IP that it needs by entering it directly. At the end of the day hosts / DNS is really there just to resolve names to IP's - nothing else. Perhaps the result was already cached and the cached value took presidence over the entered value. Perhaps the browser does a sneaky public DNS PTR Record lookup as well for the IP just to double check. I did an ipconfig /flushdns before I tried it to dump the cache. Dunno - only seemed to make a brief improvement for me anyway as about 10 mins later they had addressed the issue.

Link to comment
Share on other sites

Pinhead, i too am confused... you are correct using the IP addy should just take you to the web site. It should go -. look in cache -> then hosts file-> then ISP DNS -then next DNS then -> .com putting in the IP address in the address bar should have given the same results - it did not for me - wonder if this was all just a coincidence DNS changes take time to propagate ...

Link to comment
Share on other sites

what you're missing Pinhead is that mostly, webservers are set-up to serve a number of virtual domains rather than just one domain on that one IP.

When a webserver is set up in that way - certainly with linux, if not windoze - it has a default web front page that can be reached bt the IP address, but requires that it's passed the specific domain to serve any configured-domain webpages.

Link to comment
Share on other sites

Pinhead, i too am confused... you are correct using the IP addy should just take you to the web site. It should go -. look in cache -> then hosts file-> then ISP DNS -then next DNS then -> .com putting in the IP address in the address bar should have given the same results - it did not for me - wonder if this was all just a coincidence DNS changes take time to propagate ...

nope, it's nowt like that. It's all to do with how the webserver is configured, and nothing to do with the IP that is used to access a domain on an IP.

Link to comment
Share on other sites

???? put 212.58.246.90 in your browser and it takes you to ... we use words because most regular humans could not remember the numbers. all DNS does is map numbers to names, all the host file is, is a local DNS [second stop after checking cache ... if you dont have it locally the first dns queried that returns the authoritive server for that domain is what your browser then points to...

DNS maps a name (url) to an IP, yes - but the webserver, if it's set up to serve more than one domain, still needs the name. The name is not stripped away from the request after getting the IP; the name is sent to the IP.

For example, the main user-facing webserver for efestivals has three different efestivals domains or sub-domains configured on it, and all three share the same IP. If you send a request to this server which is just the IP you'll get the "webserver front page" (which isn't any one of those three configured domains/sub-domains), but if you send the request as a url you'll get the correct page for that domain/sub-domain.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.


×
×
  • Create New...