 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 58
 Members: 0
 Total: 58
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
 |
|
 |
|
No it is solved already. Had something to do with a new server or something.
Isn't there a way you can just get a password from a member or mod?  |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
Look at www.ninyou.nl now.
Is this the exploits doing? Look at the line on the upper side of the page. It mentions Stexy. SteX is the admin and i sent some attacks on his profile just to try. It co ... |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
Tried all thge exploits now and most of them say not vulnerable. I think I give up now. Thanks for all your help though.  |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
I'm sorry but I don't get it. PHP is not a recognizewd command in cmd. Do I have to download something like perl?
BTW: some exploits say: Vulnerable test: Not vulnerable!
Is it impossible now? T ... |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
Ok tried another one trhis one is
exploit.pl [target] [userid] [Searchstring]
What is searchstring?
And I did a test like this
perl exploit.pl ninyou.nl/forum [1021] [Username????]
And ... |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
C:\>perl exploit.pl -U id:pass ninyou.nl/forum
burned2.pl written by x666
report errors @ blueshisha@safe-mail.net.. thx
[x] Attacking http://ninyou.nl/forum/usergroups.php...
<html>
< ... |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
| I thought I had to do something with the admins, and then change a cookie in fierefox. What you say won't do anything with my account. (tried that myself already too btw) |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
I have this
http://img80.imageshack.us/my.php?image=naamloosta4.jpg
And what now? I've created an account already.
URL admins:
http://www.ninyou.nl/alles/user/121/thomper/
http://www.ninyou. ... |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
ah perl has to be written before it ok. perl exploit.pl works.
And now I only need to know how I get admin rights with my account there. I have installed http live headers for firefox if that is need ... |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
| Well thank you! I will try the second one. Save as .pl extension I think. *Tries* |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
If you searched for "WBB" one is a video about a XSS vuln, and the other are not related to WBB ( two are plugins for it ).
If you search "woltlab burning board" there are many interesting results. ... |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
| I serached for WBB and found 4. Which one is for admin rights? And if you have the good one with what do I use it? (Perl PHP etc) |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
| Yes! I just found it, it is WBB indeed. Does that work with versions and expoloits too? |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
| Ok, I want to try exploits for all Phpbb versions now, but if I activate an exploit in cmd (exploit is .pl, is in the bin map of perl) it asks wich program. How do I set the .pl to perl? So I can act ... |
|
|
|
| Harold |
|
| Replies: 35 |
| Views: 34046 |
|
|
|
|
|
|
| Or i'll just try exploits for all versions. But I totally don't understand anything from this, so is there a tutorlial somewhere? |
|
|
| Page 1 of 2 |
Goto page 1, 2Next
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
