Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
December 6, 2019
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 206
Members: 0
Total: 206
PacketStorm News
Currently there is a problem with headlines from this site
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpBB -> l Goto page Previous  1, 2
Post new topic  Reply to topic View previous topic :: View next topic 
PostPosted: Sun Apr 09, 2006 11:08 am Reply with quote
Kw3rLn
Beginner
Beginner
 
Joined: Apr 01, 2006
Posts: 1




yea...put log.txt were cookies.php are
View user's profile Send private message
PostPosted: Sun Apr 09, 2006 5:27 pm Reply with quote
Aryan-Husky
Active user
Active user
 
Joined: Apr 03, 2006
Posts: 37




Your cookies.php script should make a file called log.txt automatically in the same directory.
View user's profile Send private message
PostPosted: Sun Apr 16, 2006 1:33 am Reply with quote
SicKn3sS
Regular user
Regular user
 
Joined: Apr 16, 2006
Posts: 14




Lol i dont mean to be a noob but i get this error with my server:

Code:
Warning: fopen(log.txt) [function.fopen]: failed to open stream: Permission denied in /mnt/storage/users/d/0/c/d0cuh3/pwnt.php on line 6

Warning: fwrite(): supplied argument is not a valid stream resource in /mnt/storage/users/d/0/c/d0cuh3/pwnt.php on line 11

Warning: fclose(): supplied argument is not a valid stream resource in /mnt/storage/users/d/0/c/d0cuh3/pwnt.php on line 12


I have a free PHP 5 server at www.host.sk. How can I set the permissions to let that PHP file write a log.txt?

K nvm all that I just used a different host this host.sk is full of bugs and always has parts down for maintainance, thanks so much for this help though.
View user's profile Send private message
PostPosted: Sun Apr 16, 2006 1:03 pm Reply with quote
dinho
Regular user
Regular user
 
Joined: Apr 15, 2006
Posts: 16




Well I have tryed it ... and worked fine but it doesn't show me the victim Cookies Rolling Eyes
I mean it shows the date , IP , and sometimes the link ...


Code:
IP: ***.***.***.***
Date and Time: 16 April, 2006, 7:57 am
Referer: http://www.localhost.com/phpbb2/viewtopic.php?p=1
Cookie:


as we can see the cookie side is empty, I don't know why Exclamation
View user's profile Send private message
PostPosted: Sun Apr 16, 2006 2:13 pm Reply with quote
SicKn3sS
Regular user
Regular user
 
Joined: Apr 16, 2006
Posts: 14




dinho wrote:
Well I have tryed it ... and worked fine but it doesn't show me the victim Cookies Rolling Eyes
I mean it shows the date , IP , and sometimes the link ...


Code:
IP: ***.***.***.***
Date and Time: 16 April, 2006, 7:57 am
Referer: http://www.localhost.com/phpbb2/viewtopic.php?p=1
Cookie:


as we can see the cookie side is empty, I don't know why Exclamation


It only gives you the cookies of where you were referred from so send it to someone and it should work fine.

This is what i got (I got like 10 because the dumb guy opened it like 10 times)

Code:
Date and Time: 16 April, 2006, 4:01 am
   Referer: http://X.com/modules.php?name=Private_Messages&file=index&folder=inbox&mode=read&p=1249 Cookie: eqdkp_data=a:2:{s:13:\"auto_login_id\";s:0:\"\";s:7:\"user_id\";i:-1;}; Xforums_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:2:\"94\";}; lang=english; user=OTQ6R3JpeWE6ZmU2MzE5NjhmMGNkNzFmMGIyODk2ZWFlYTM4MzY5NmQ6MTA6OjA6MDowOjA6OjQwOTY=; Xforums_sid=e8528ca60941211f34c8b723f4acbc85; Xforums_t=a:12:{i:1295;i:1145147084;i:1292;i:1145147109;i:1296;i:1145147137;i:1287;i:1145147166;i:691;i:1145147216;i:1277;i:1145147338;i:1231;i:1145147376;i:1275;i:1145147426;i:1270;i:1145147477;i:1234;i:1145147488;i:1212;i:1145147498;i:1300;i:1145171689;}
   IP: **.***.***.***


How exactly do I make a cookie to use this can someone compile it for me? Im using some coockie editor firefox extension. Lol plz help fast before its too late.
View user's profile Send private message
PostPosted: Tue Apr 18, 2006 6:47 pm Reply with quote
syntax9
Active user
Active user
 
Joined: Dec 21, 2005
Posts: 33




nice hijack. but for the original post, oobiin is looking at the same targetas iam. ill match whatever he offers, so the reward is dbl'd.
View user's profile Send private message
PostPosted: Tue Apr 18, 2006 8:07 pm Reply with quote
SicKn3sS
Regular user
Regular user
 
Joined: Apr 16, 2006
Posts: 14




I thought there was a way to just post an image with bb code and it worked that way I saw something like that on milw0rm does anyone know how?
View user's profile Send private message
PostPosted: Tue Apr 18, 2006 8:27 pm Reply with quote
johnny
Regular user
Regular user
 
Joined: Mar 13, 2006
Posts: 13




Here is the scoop on this exploit:

- You put the cookies.php on YOUR server. Make it executable. Put the path to it in the string of HTML. Then make a blank text file called "log.txt" and make sure it has permissions 777 (read/write/execute for all).

- Add the string of HTML to the bottom of a post or PM that you make on the board. Make sure there is enough text above the string of HTML so that the HTML is at least 6 or 8 lines down (the reason being that if others search for your posts, the background color of the search results won't match the color of the HTML you inserted and your HTML code will be visible).

- Wait for someone to read your post.

- Then, IF the following are true, you will get the cookie:

1) They are using IE for Windows.
2) They have Autologin checked.

The cookie string that you get back in log.txt will be the 32 characters that follow the "s:32" in the string.

Submit this 32 characters to Milw0rm.com's cracker or to another online cracker to get the password. Not all passwords are crackable.

There.
View user's profile Send private message
PostPosted: Tue Apr 18, 2006 11:33 pm Reply with quote
SicKn3sS
Regular user
Regular user
 
Joined: Apr 16, 2006
Posts: 14




I used www.t35.com to make mine, all you have to do is upload the php file and post the exploit and it will work.
View user's profile Send private message
PostPosted: Sun May 07, 2006 1:37 pm Reply with quote
zolw
Beginner
Beginner
 
Joined: May 07, 2006
Posts: 1




but if on 2.0.17 forum HTML in posts is deactivated, what to do then?
View user's profile Send private message
PostPosted: Mon May 08, 2006 8:44 pm Reply with quote
Redempti0n
Beginner
Beginner
 
Joined: May 08, 2006
Posts: 2




zolw wrote:
but if on 2.0.17 forum HTML in posts is deactivated, what to do then?


I am having the same problem as well. Is it possible to post a URL to the PHP file and still obtain the cookie information? I have yet to test it on my forums, however, with HTML enabled, the XSS script works.
View user's profile Send private message
l
  www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 2 of 2  
Goto page Previous  1, 2
  
  
 Post new topic  Reply to topic  




Powered by phpBB 2001-2008 phpBB Group






It book reviews
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2013 Janek Vind "waraxe"
Page Generation: 0.087 Seconds