 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
working on one but not so working on the other. |
 |
 Posted: Tue Oct 14, 2008 3:31 pm |
 |
|
| hshepherd |
| Beginner |
 |
|
| Joined: Oct 14, 2008 |
| Posts: 3 |
|
|
|
 |
|
 |
|
I would like to thank waraxe for this great tool, I have retrieved an admin hash on one IPB site. But when I used it on the other IPB site, I get this following data:
Hash: ffffffffffffffffffffffffffffffff
Salt: €€€€€
This data is the same for the USER ID 1 to ID 10
Any ideas guys?
Thank you again, if no one knows about this its ok, im already grateful to get the other vulnerable IPB site. I'm just curious  |
|
|
|
|
| Posted: Tue Oct 14, 2008 3:56 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| Probably site is allready patched or there is some custom modification in IPB's code, which makes exploit fail ... |
|
|
|
|
|
thank you waraxe :) |
|
| Posted: Tue Oct 14, 2008 4:18 pm |
|
|
| hshepherd |
| Beginner |
|
|
| Joined: Oct 14, 2008 |
| Posts: 3 |
|
|
|
|
|
|
|
| thank you waraxe very good work on this website |
|
|
|
|
|
problem with the exploit |
|
| Posted: Sun Oct 19, 2008 1:53 pm |
|
|
| Andy1 |
| Beginner |
|
|
| Joined: Oct 19, 2008 |
| Posts: 1 |
|
|
|
|
|
|
|
| I think thiers a problem with forums.website.com, it tells me the site is vulnerable but they never work, any suggestions?. |
|
|
|
|
| Posted: Mon Oct 27, 2008 3:02 pm |
|
|
| VERTIGO |
| Advanced user |
|
|
| Joined: Sep 25, 2008 |
| Posts: 87 |
|
|
|
|
|
|
|
| you are very good coder.Thanks for these and now i will ask how to fix these vuln |
|
|
|
|
| Posted: Sat Nov 01, 2008 9:35 am |
|
|
| gyan007 |
| Advanced user |
|
|
| Joined: Oct 17, 2008 |
| Posts: 106 |
|
|
|
|
|
|
|
| Anyway to find the prefix, if its not default? |
|
|
|
|
| Posted: Tue Nov 11, 2008 4:31 pm |
|
|
| Pinox |
| Regular user |
|
|
| Joined: Dec 22, 2005 |
| Posts: 13 |
|
|
|
|
|
|
|
Weird question I know but instead of using the script is there anyway to just directly get the hash and salt:
For example just like you can check if it is vuln
| Code: | | index.php?act=xmlout&do=check-display-name&name=%2527 |
Tried this:
| Code: | | index.php?act=xmlout&do=check-display-name&name=UNION SELECT 1,1 FROM ibf_members_converge WHERE converge_id=2 AND LENGTH(converge_pass_hash)=32 |
Doesnt seem to work but forum is definately vuln im just being lazy haha but would appreciate it if you could help if not i'll just have to use the script  |
|
|
|
|
| Posted: Wed Nov 12, 2008 1:52 am |
|
|
| _mranderson_ |
| Valuable expert |
|
|
| Joined: Oct 30, 2008 |
| Posts: 51 |
|
|
|
|
|
|
|
| nope, you can only use blind sql injection, that means you have to guess one char at a time. can't retrieve the whole hash at once |
|
|
|
|
| Posted: Mon Nov 17, 2008 9:32 am |
|
|
| Denis_Korablev |
| Beginner |
|
|
| Joined: Nov 17, 2008 |
| Posts: 4 |
|
|
|
|
|
|
|
waraxe, good job man!!!
waiting on 2.3.6 release... do you already have some ideas about it???  
As is known 70% of forums patch themselves within 2-3 days after such beautiful releases, and in a week I belive 90% of big forums are patched.  |
|
|
|
|
| Posted: Tue Nov 18, 2008 7:47 pm |
|
|
| JohnsonA |
| Regular user |
|
|
| Joined: Nov 18, 2008 |
| Posts: 6 |
|
|
|
|
|
|
|
Once I have the hash and the salt... How do I get into the forum as the admin?
I thought I could edit my cookie but it doesn't seem to work?
I don't know how to crack using a hash + salt either |
|
|
|
|
|
exploit |
|
| Posted: Wed Nov 19, 2008 4:07 am |
|
|
| djpepis |
| Beginner |
|
|
| Joined: Nov 19, 2008 |
| Posts: 2 |
|
|
|
|
|
|
|
| which program is working that exploit? |
|
|
|
|
| Posted: Wed Nov 19, 2008 4:30 am |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| JohnsonA wrote: | Once I have the hash and the salt... How do I get into the forum as the admin?
I thought I could edit my cookie but it doesn't seem to work?
I don't know how to crack using a hash + salt either |
Yes, in most cases you need crack the hash first, because IPB can't be fooled with cookie crafting or something like that - you need plaintext password. |
|
|
|
|
| Posted: Wed Nov 19, 2008 5:17 am |
|
|
| djpepis |
| Beginner |
|
|
| Joined: Nov 19, 2008 |
| Posts: 2 |
|
|
|
|
|
|
|
| hello can anybody explain to me how this PHP exploits works? thanks!! i am new!! |
|
|
|
|
| Posted: Wed Nov 19, 2008 3:04 pm |
|
|
| JohnsonA |
| Regular user |
|
|
| Joined: Nov 18, 2008 |
| Posts: 6 |
|
|
|
|
|
|
|
| waraxe wrote: | | JohnsonA wrote: | Once I have the hash and the salt... How do I get into the forum as the admin?
I thought I could edit my cookie but it doesn't seem to work?
I don't know how to crack using a hash + salt either |
Yes, in most cases you need crack the hash first, because IPB can't be fooled with cookie crafting or something like that - you need plaintext password. |
Thanks,
Could you explain how to crack IPB passes?
I know how to do normal MD5's on milw0rm etc, but IPB you need to input the salt somewhere too I think?
Thanks |
|
|
|
|
| Posted: Fri Dec 05, 2008 12:05 am |
|
|
| Crypz |
| Beginner |
|
|
| Joined: Dec 05, 2008 |
| Posts: 2 |
| Location: Estonia |
|
|
|
|
|
|
| application couldnt start because php4tl.dll was not found. re-installing the application may fix this problem, what am I missing? |
|
|
|
|
www.waraxe.us Forum Index -> Invision Power Board
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 2 of 6
Goto page Previous1, 2, 3, 4, 5, 6Next
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 213
Members: 0
Total: 213
