DNS Hijacking

                 DNS Hijacking with 000webhost and Afraid

Required:

• 000webhost account
• Afraid.org account

Steps:
000Webhost
     -Login to your account.
     -At List of your Domains , click on Go to CPanel 

-Scroll down and click on File Manager

-Upload your deface script as index.php into the public_html folder

-Do not forget to delete .htaccess and default.php 

Afraid.Org

    -Once you have login, click on Subdomain and Add a subdomain

-You will see a form, choose Many many more available

-Now click on Shared Domain Registry

-You will see a lot of domain. You can pick any site as target, or search for specific target such as .gov,.edu and more.

  -After that, you will get Add a subdomain form. Fill the form as below and save.

-If success, you will see something like this

000webhost

     -Go to Parked Domain

-Paste your target in the textbox and click on Park Domain.

  -That's all! Now go to your target URL and check if it's defaced. It needs a few minutes to make changes. If the site still not available, try another. :) 

GooGle Dorks List

Here Is fresh Google Dorks List ..

inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=