Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
March 19, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 476
Members: 0
Total: 476
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpBB -> phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8  Next
Post new topic  Reply to topic View previous topic :: View next topic 
PostPosted: Fri Jul 22, 2005 3:10 pm Reply with quote
howitzer
Regular user
Regular user
 
Joined: Jun 25, 2005
Posts: 23




I cant crack 2004074e32f9875eb0e496eccb2d368d this one painfull md5 hash for days Evil or Very Mad

Stroke try man for god sakes Sad
10x
View user's profile Send private message
PostPosted: Fri Jul 22, 2005 3:54 pm Reply with quote
str0ke
Beginner
Beginner
 
Joined: Jul 07, 2005
Posts: 4




Well I run a free online md5 cracker.

http://www.milw0rm.com/md5/

I use multiple different techniques + rainbow tables to get the final outcome. Just look at the listings and you will see if both of your md5's were found or not.

/str0ke
View user's profile Send private message Visit poster's website
PostPosted: Fri Jul 22, 2005 3:58 pm Reply with quote
Twist
Regular user
Regular user
 
Joined: Jul 22, 2005
Posts: 6




thanks str0ke.. Cool
View user's profile Send private message
PostPosted: Fri Jul 22, 2005 9:17 pm Reply with quote
dnegel666
Beginner
Beginner
 
Joined: Jul 19, 2005
Posts: 3




Sorry for you :

2004074e32f9875eb0e496eccb2d368d -notfound- completed

on www.milw0rm.com/md5/...
View user's profile Send private message
PostPosted: Sun Jul 24, 2005 10:02 pm Reply with quote
insect
Beginner
Beginner
 
Joined: Jul 25, 2005
Posts: 2




Hi. I have a cookie but i can't found any user id. Please help.

Cookie: ForumSetCookie=smackdown; phpbb_smackdown_data=a:2:{s:11:\"autologinid\";s:32:\"c245bf330e68f4abe4fabe8f95fe1926\";s:6:\"userid\";i:21;}; phpbb_smackdown_sid=b8eb4725bb7fd5a1c5440381dc246bf9; phpbb_smackdown_t=a:24:{i:48;i:1122207129;i:49;i:1122206051;i:197;i:1122207076;i:9;i:1122206828;i:16;i:1122206797;i:131;i:1122206715;i:51;i:1122206775;i:50;i:1122206946;i:108;i:1122206998;i:212;i:1122208405;i:275;i:1122208438;i:306;i:1122208506;i:92;i:1122208538;i:99;i:1122208619;i:84;i:1122208648;i:226;i:1122208703;i:271;i:1122208754;i:262;i:1122208815;i:45;i:1122208860;i:257;i:1122209241;i:119;i:1122209950;i:68;i:1122210020;i:242;i:1122210117;i:137;i:1122212880;}
View user's profile Send private message
PostPosted: Sun Jul 24, 2005 10:12 pm Reply with quote
kizkur
Regular user
Regular user
 
Joined: Dec 04, 2004
Posts: 11




insect wrote:
Hi. I have a cookie but i can't found any user id. Please help.

Cookie: ForumSetCookie=smackdown; phpbb_smackdown_data=a:2:{s:11:\"autologinid\";s:32:\"c245bf330e68f4abe4fabe8f95fe1926\";s:6:\"userid\";i:21;}; phpbb_smackdown_sid=b8eb4725bb7fd5a1c5440381dc246bf9; phpbb_smackdown_t=a:24:{i:48;i:1122207129;i:49;i:1122206051;i:197;i:1122207076;i:9;i:1122206828;i:16;i:1122206797;i:131;i:1122206715;i:51;i:1122206775;i:50;i:1122206946;i:108;i:1122206998;i:212;i:1122208405;i:275;i:1122208438;i:306;i:1122208506;i:92;i:1122208538;i:99;i:1122208619;i:84;i:1122208648;i:226;i:1122208703;i:271;i:1122208754;i:262;i:1122208815;i:45;i:1122208860;i:257;i:1122209241;i:119;i:1122209950;i:68;i:1122210020;i:242;i:1122210117;i:137;i:1122212880;}


the user id is 21
View user's profile Send private message
PostPosted: Mon Jul 25, 2005 1:09 am Reply with quote
howitzer
Regular user
Regular user
 
Joined: Jun 25, 2005
Posts: 23




insect wrote:
Hi. I have a cookie but i can't found any user id. Please help.

Cookie: ForumSetCookie=smackdown; phpbb_smackdown_data=a:2:{s:11:\"autologinid\";s:32:\"c245bf330e68f4abe4fabe8f95fe1926\";s:6:\"userid\";i:21;}; phpbb_smackdown_sid=b8eb4725bb7fd5a1c5440381dc246bf9; phpbb_smackdown_t=a:24:{i:48;i:1122207129;i:49;i:1122206051;i:197;i:1122207076;i:9;i:1122206828;i:16;i:1122206797;i:131;i:1122206715;i:51;i:1122206775;i:50;i:1122206946;i:108;i:1122206998;i:212;i:1122208405;i:275;i:1122208438;i:306;i:1122208506;i:92;i:1122208538;i:99;i:1122208619;i:84;i:1122208648;i:226;i:1122208703;i:271;i:1122208754;i:262;i:1122208815;i:45;i:1122208860;i:257;i:1122209241;i:119;i:1122209950;i:68;i:1122210020;i:242;i:1122210117;i:137;i:1122212880;}


Ok the important part is
a:2:{s:11:"autologinid";s:32:"c245bf330e68f4abe4fabe8f95fe1926";s:6:"userid";i:21;}

you can use cookie poison to get thru ...
were :
c245bf330e68f4abe4fabe8f95fe1926 -- md5 hash
21 --- user id


good luck
View user's profile Send private message
PostPosted: Mon Jul 25, 2005 9:38 am Reply with quote
insect
Beginner
Beginner
 
Joined: Jul 25, 2005
Posts: 2




Thx ^_^
View user's profile Send private message
PostPosted: Tue Jul 26, 2005 6:22 pm Reply with quote
Twist
Regular user
Regular user
 
Joined: Jul 22, 2005
Posts: 6




the user ID has nothing to do with there username so how do i know which cookie belongs to who? becoz i have cracke dlots of md5 hashes from these cookies but i dont know whos username they go to... Crying or Very sad
View user's profile Send private message
PostPosted: Wed Jul 27, 2005 4:52 am Reply with quote
diegocure15
Active user
Active user
 
Joined: Sep 22, 2004
Posts: 27




subzero wrote:
i think you using mozilla ?? others than IE ?

i have no problem to see my own hash and im sure verbatism dont have problem too Wink

about the hash pass.

found an online site that do cracking for u.
http://sarcaprj.wayreth.eu.org/



i have sent a hash to that page to crack, but how or where do i look for it? Question

Quote:
hash: f744e541a2daf66852b0be780afad38a
View user's profile Send private message
PostPosted: Thu Jul 28, 2005 11:05 am Reply with quote
Armageddon85
Regular user
Regular user
 
Joined: Jul 28, 2005
Posts: 7




I perfectly understand the second part to this exploit - thanks to the video... but now i dont understand the first.

does the script go on a file in your website with chmod at 777?

if so does anyone know webhosting service for free that has that ability.

all the ones i have signed up for have a "quick and easy" file management system.
View user's profile Send private message
PostPosted: Thu Jul 28, 2005 2:50 pm Reply with quote
diegocure15
Active user
Active user
 
Joined: Sep 22, 2004
Posts: 27




Armageddon85 wrote:
I perfectly understand the second part to this exploit - thanks to the video... but now i dont understand the first.

does the script go on a file in your website with chmod at 777?

if so does anyone know webhosting service for free that has that ability.

all the ones i have signed up for have a "quick and easy" file management system.


www.lycos.com and just have to upload the cookie script normally and the create a file with chmod on the same path and give it 777 mod.
View user's profile Send private message
PostPosted: Fri Jul 29, 2005 2:57 am Reply with quote
Armageddon85
Regular user
Regular user
 
Joined: Jul 28, 2005
Posts: 7




ok I hate to be the newb but is there anywhere there is a tutorial for this specific situtation - and I your going to say google ... but ive been doing that all day - I just dont understand how to use webhosting to editfiles from an outside source
View user's profile Send private message
PostPosted: Fri Jul 29, 2005 3:34 am Reply with quote
700G
Active user
Active user
 
Joined: Mar 25, 2005
Posts: 33




Did you see the video in this thread?
View user's profile Send private message
PostPosted: Fri Jul 29, 2005 3:48 am Reply with quote
Armageddon85
Regular user
Regular user
 
Joined: Jul 28, 2005
Posts: 7




Yes I know exactly how to do that part of the exploit but I need to know more specifically how to get the actual cookie to another file. where you enter your site in the code on the post. and what to do there
View user's profile Send private message
phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit
  www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 5 of 8  
Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8  Next
  
  
 Post new topic  Reply to topic  




Powered by phpBB © 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.241 Seconds