 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 410
 Members: 0
 Total: 410
|
|
|
|
|
|
Full disclosure |
|
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
|
|
|
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Some advice please :D |
|
 Posted: Sun Jan 17, 2010 3:03 am |
 |
|
| jRiddick |
| Beginner |
 |
|
| Joined: Jan 06, 2010 |
| Posts: 4 |
|
|
|
 |
|
 |
|
Hi 
I have gotten some hashes from a ipb forum 2.3.5.
And i have cracked some of them.
I've cracked a Regular Administrator account and the Root Admin Account.
But the problem is that i got the usernames for the accounts which for the root admin is "admin" and the cracked password is "challenge" but it won't work and the thing is when i check on the ACP on the Admin Login logs the successful logins on root admin is with the password *****0 and i've checked the id for admin which is 1 and the hash always ends up with "challenge" but the logs says that the password should be like *****0.
Is there something that i am missing or should do to reveal the real password?
I've tried to dump the hashes again and again to see if it is different but it isn't the hash and salt is the same for ID 1 
And one more user is using the username "admin" but not the same display name
| Code: | ID: 1
Username: admin
Display Name: Administrator
Status: Root Admin
hash: a5839fb96a74ffe5a054c9751b5fae8f
salt: ":4B,*"
Found Password: challenge
ID: 8891
Username: admin
Display Name: rootadmin
Status: Member
hash: 7814446c202a43c00db325a13619bceb
salt: "Syx]"
Found Password: None (No Result, Gonna try Combined Dictionary Attack) |
I have access to a Administrator account on the forum but i need Root Admin access.
Kind Regards
jRiddick |
|
|
|
|
|
www.waraxe.us Forum Index -> Invision Power Board
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
