Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
March 28, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 831
Members: 0
Total: 831
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Newbies corner -> cracking a vbulletin password
Post new topic  Reply to topic View previous topic :: View next topic 
cracking a vbulletin password
PostPosted: Mon May 26, 2008 6:06 pm Reply with quote
ilrb2
Regular user
Regular user
 
Joined: May 26, 2008
Posts: 11




mostly for the purpose of education though i would like to crack one pass. so i have passwordspro, access to the ftp and cpanel, and i would like access to the admin's account (mostly the admincp). i've tried searching but i'm afraid i don't know much about this stuff. so say i have a site, www.example.net, which is a vbull site. what would i do step by step? so far, i went to www.example.net/admincp.php and clicked on "view page source." i searched and found this:

Code:
   //-->
   </script>
   <form action="../login.php?do=login" method="post" name="loginform" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf); js_do_options(this)">

   <input type="hidden" name="url" value="/admincp/" />
   <input type="hidden" name="s" value="09145cae798cb2cbf2e92e6626bb744e" />
   <input type="hidden" name="logintype" value="cplogin" />
   <input type="hidden" name="do" value="login" />
   <input type="hidden" name="vb_login_md5password" value="" />
   <input type="hidden" name="vb_login_md5password_utf" value="" />
      <p> ;;</p><p> ;;</p>


however, i don't know if 09145cae798cb2cbf2e92e6626bb744e is the right hash since the above doesn't contain the user name. say the user name is admin, how would i obtain the hash and salt for passwordspro? or is there a better way to crack all this? please tell me what i'm doing wrong and what to do next. thanks in advanced.
View user's profile Send private message
PostPosted: Mon May 26, 2008 6:11 pm Reply with quote
waraxe
Site admin
Site admin
 
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




You have access to target's ftp? Can you upload arbitrary php scripts? Can you download files from target webroot? Then download config file, get mysql credentials, write simple mysql dumping script and fetch user table with all the pasword hashes and salts.
And how about phpmyadmin? Is it present? If so, then obtain mysql credentials and then use phpmyadmin.
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Mon May 26, 2008 6:24 pm Reply with quote
ilrb2
Regular user
Regular user
 
Joined: May 26, 2008
Posts: 11




yeah, i have access to ftp and cpanel. but could you maybe explain all this a little better? which scripts would i upload and where? and what's "downloading files from target webroot," is it downloading ftp files? and this part "Then download config file, get mysql credentials, write simple mysql dumping script and fetch user table with all the pasword hashes and salts." makes no sense to me, sorry. you wouldn't happen to have links to anything that might explain these things better?
View user's profile Send private message
PostPosted: Mon May 26, 2008 6:28 pm Reply with quote
waraxe
Site admin
Site admin
 
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




OK, use ftp, search for file "config.php" and download it. This file contains database name, mysql username and password. When you have this info, let me know and i will show you next step.
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Mon May 26, 2008 7:07 pm Reply with quote
ilrb2
Regular user
Regular user
 
Joined: May 26, 2008
Posts: 11




i think it's:

dbname: skatespo_skatespot
username: skatespo_patrick
pass: patrick

does that look right? i don't know if it's the myslq user/pass cause it says $config['MasterServer']['username'] = 'skatespo_patrick'
View user's profile Send private message
PostPosted: Mon May 26, 2008 8:05 pm Reply with quote
waraxe
Site admin
Site admin
 
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Good. Now try to locate phpmyadmin. Log in to Cpanel and look for phpmyadmin link. Click it. Next you will need username and password ... which you allready have Smile
If you will get inside phpmyadmin, be very careful. One careless click can destroy entire database!
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Mon May 26, 2008 8:47 pm Reply with quote
ilrb2
Regular user
Regular user
 
Joined: May 26, 2008
Posts: 11




well, i could've just gone directly there. well, i'm in it, what now?
View user's profile Send private message
PostPosted: Mon May 26, 2008 9:07 pm Reply with quote
waraxe
Site admin
Site admin
 
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Don't you know phpmyadmin basics? Select needed database (left-upper corner), then in left you will see table names. Look for users table. Click it. Next you can browse user rows and copy-paste needed info (username,hash,salt). Or better choice is "Export", so you can have all userdata at once.
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Tue May 27, 2008 1:10 am Reply with quote
ilrb2
Regular user
Regular user
 
Joined: May 26, 2008
Posts: 11




i really don't, i never needed to use it as an admin. i can't find a user table or user rows. could it be named something different?

i did click on users and find "password" in a list. when i view it, i get a two columns, one says "rows" and usually has the number 1 and the other says "password" and has what i think is a hash. stuff like this: 00b49815e3d1bcf7f0237926d2bf7b8b.

is this it? it doesn't say the usernames or salts though.

EDIT: nvm, i think i found it all. what kind of hash would it be? it says "+#r" but i don't know what to put for type of hash.

anyway, i'm gonna have passwordspro run but i guess i'll also ask for someone on here to try. thanks for the help.
View user's profile Send private message
PostPosted: Thu May 29, 2008 1:22 am Reply with quote
tooth
Beginner
Beginner
 
Joined: May 29, 2008
Posts: 3




If your trying to crack the pass it going to be here in the red color

INSERT INTO `user` VALUES(1, 6, '', 0, 'admin', 'df6e986e01d8bef78787wb3731ed47',

After you export the user table.. or however u decided to get the data from it
View user's profile Send private message
PostPosted: Fri May 30, 2008 1:12 am Reply with quote
ilrb2
Regular user
Regular user
 
Joined: May 26, 2008
Posts: 11




well, i just copy/pasted to passwordspro. what do you mean by "insert into user values?"
View user's profile Send private message
PostPosted: Wed Aug 13, 2008 3:37 am Reply with quote
nick
Beginner
Beginner
 
Joined: Aug 13, 2008
Posts: 2




I find it funny how this is Newbies corner, yet none of the questions/answers seem to answer my basic question of the first step in this elaborate process.

How would I get the password/password hash. I don't have FTP access to the server, and my privileges are that of a normal user. There's got to be some way that I can do this remotely without having to jack the site FTP or something. I don't mind researching a bit. I just need some pointers in the right direction. So far all of the knowledge base I've found has pertained to what to do with the password and methods of cracking the MD5 hash, so I'm a little lost on what to search for. Phishing is a possibility, though I'd rather not have to resort to that, since it's chance of working is minimal due to the targets being likely more proficient in computing than I am.
View user's profile Send private message
PostPosted: Wed Aug 13, 2008 9:40 am Reply with quote
ZiPo
Advanced user
Advanced user
 
Joined: Jul 08, 2008
Posts: 86




Well for start i would examine that web site.

Try to find as much as you can for that site, applications that are running there, components/modules/plugins installed for that application. Any javascript. Search for forms, queries. Try to find a little bit about members that are responsible for running the site. Basicly any info that you can get will put you one step closer to your goal. Then google as much info as you can about stuff you finded. Try to search about vulnerabilities for the specific application/module...whatever. Most importantly try to understand specific vulnerability. It will be hard in the begining...hell it will be hard later too, but hacking is a game of patience, persistance and sometimes really good nerves Wink

I hope that this is what you was looking for. if you wanted to know on how to hack specific site, nobody will help you there, well maybe they will, but then as specific questions and you just may get the answers.

P.S. Sorry for my English, it's not my native language, but i hope you understand what i wanted to say.

Good luck and Have Fun Smile
View user's profile Send private message
PostPosted: Wed Aug 13, 2008 6:35 pm Reply with quote
nick
Beginner
Beginner
 
Joined: Aug 13, 2008
Posts: 2




Yeah, it's a start.

More specifically, is there a way to intercept log-in information without altering files on the actual server? This is the latest version of vBulletin if it helps.
View user's profile Send private message
cracking a vbulletin password
  www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Post new topic  Reply to topic  




Powered by phpBB © 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.167 Seconds