 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 216
 Members: 0
 Total: 216
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
need help for IPB 2.1.7 |
|
 Posted: Tue Aug 26, 2008 8:07 am |
 |
|
| _hacker_ |
| Regular user |
 |
|
| Joined: Aug 26, 2008 |
| Posts: 14 |
| Location: asia |
|
|
 |
|
 |
|
hi i am n00b here i know perl exlpoit....i want to hack this site
http://www.demons-darkness.com/ipb/index.php?act=idx
it is made in ipb 2.1.7
i have found 2 exploits for this ipb version
Invision Power Board <= 2.1.7 (Debug) Remote Password Change Exploit
www.milw0rm.com/exploits/2696
2:Invision Power Board <= 2.1.7 ACTIVE XSS/SQL Injection Exploit
w.milw0rm.com/exploits/4841
but i dont know how to use both can some one tell me how to use or any tutorial abou tany one or both ty
and i have tried to find perl exploit for ipb 2.1.7 but failed it is not exsit in google and in milworm... |
|
|
|
|
|
|
|
|
| Posted: Tue Aug 26, 2008 12:29 pm |
|
|
| lenny |
| Valuable expert |
 |
|
| Joined: May 15, 2008 |
| Posts: 275 |
|
|
|
|
|
|
|
Well the first exploit is in PHP. To execute it, do exactly what you would usually do with perl, but use php.exe instead of perl.exe. The first exploit depends on SQL debug mode being enabled, or debug level 3... so it may not work in this instance, but its worth a try. The second exploit is a little more complicated, and involves a little social engineering but it is possible. The second exploit is not very well documented, I suggest you try and look up an alternative version of the exploit.
The second may be outside of your skill level. |
|
|
|
|
|
|
|
|
| Posted: Tue Aug 26, 2008 4:23 pm |
|
|
| _hacker_ |
| Regular user |
|
|
| Joined: Aug 26, 2008 |
| Posts: 14 |
| Location: asia |
|
|
|
|
|
|
| lenny wrote: | Well the first exploit is in PHP. To execute it, do exactly what you would usually do with perl, but use php.exe instead of perl.exe. The first exploit depends on SQL debug mode being enabled, or debug level 3... so it may not work in this instance, but its worth a try. The second exploit is a little more complicated, and involves a little social engineering but it is possible. The second exploit is not very well documented, I suggest you try and look up an alternative version of the exploit.
The second may be outside of your skill level. |
ty for info.........there is no tutorial for 2nd method ? |
|
|
|
|
| Posted: Tue Aug 26, 2008 4:55 pm |
|
|
| lenny |
| Valuable expert |
|
|
| Joined: May 15, 2008 |
| Posts: 275 |
|
|
|
|
|
|
|
| No... exploits don't usally come with tutorials... Ill see what i can find, but its not likely |
|
|
|
|
| Posted: Wed Sep 03, 2008 12:39 pm |
|
|
| _hacker_ |
| Regular user |
|
|
| Joined: Aug 26, 2008 |
| Posts: 14 |
| Location: asia |
|
|
|
|
|
|
| lenny wrote: | | No... exploits don't usally come with tutorials... Ill see what i can find, but its not likely |
ty i know how to use PERL through youtube videos but there is no 2.1.7 ipb exploit in perl ..and i dont know more methods to hack forums ... |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
