Waraxe IT Security Portal

_mranderson_ · Replies: 1

maybe, but you have to give more info

_mranderson_ · Replies: 8

it's an L2 server aight?

anyways, as already said, if you have the mysql root's password you should find a way to run SQL code on it, because with root privs you can load_file() and select into out ...

_mranderson_ · Replies: 8

if you are root and can only use select statements, you're done.
use select load_file('/complete/path/to/file') to read a file, or select 'data' into outfile '/path/to/file' to write some dat ...

_mranderson_ · Replies: 31

I m sorry to say this is really script kiddish

_mranderson_ · Replies: 5

I 've used none

_mranderson_ · Replies: 17

lol, of course there could be other vulnerabilities...

What tou mean?

_mranderson_ · Replies: 5

admin:a4fb40dbb9eed3f878da94d8596bf67b:r-s

_mranderson_ · Replies: 5

Probably the script is outputting just the first line; try hexing the string:
hex(load_file('/etc/passwd'))

anyways, reading the passwd file nowadays will just give you an idea of what users can l ...

_mranderson_ · Replies: 6

I think it is md5() unix, a really though one (to bruteforce)

_mranderson_ · Replies: 6

no the best way was the one waraxe told, infact I was just doing it before reading his post.

1. Install IonCube
2. create a php script that includes the coded one and prints out the variables.

...

_mranderson_ · Replies: 6

mmh, I don't wanna forget it, it's got root's password in it I think.

_mranderson_ · Replies: 6

How do you decode php files encoded with ioncube?
Shall I reverse engeneer the dlls that comes with it? is it worth it?

_mranderson_ · Replies: 2

ty very much

_mranderson_ · Replies: 2

See if you can crack this one, thanks!

e314878ab5801f307684fdd3d925de8f:ans1I

_mranderson_ · Replies: 2

Yes, I do like so: whenever I find a password, I write it down both in a combolist user:pass and in a wordlist (just the pass). This works greatly.