Waraxe IT Security Portal
Login or Register
October 3, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 116
Members: 0
Total: 116
Full disclosure
SEC Consult SA-20240930-0 :: Local Privilege Escalation via MSI Installer in Nitro PDF Pro (CVE-2024-35288)
Backdoor.Win32.Benju.a / Unauthenticated Remote CommandExecution
Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH)
Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)
Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)
Backdoor.Win32.Boiling / Remote Command Execution
Defense in depth -- the Microsoft way (part 88): a SINGLEcommand line shows about 20, 000 instances of CWE-73
SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)
Apple iOS 17.2.1 - Screen Time Passcode Retrieval (MitigationBypass)
CyberDanube Security Research 20240919-0 | Multiple Vulnerabilities in Netman204
Submit Exploit CVE-2024-42831
Stored XSS in "Edit Profile" - htmlyv2.9.9
Stored XSS in "Menu Editor" - htmlyv2.9.9
Backdoor.Win32.BlackAngel .13 / Unauthenticated Remote CommandExecution
Backdoor.Win32.CCInvader. 10 / Authentication Bypass
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpBB -> phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit Goto page Previous1, 2, 3, 4, 5, 6, 7, 8
Post new topicReply to topic View previous topic :: View next topic
Re: ????????????
PostPosted: Fri Jan 20, 2006 5:39 am Reply with quote
lld_master
Regular user
Regular user
Joined: Jan 12, 2006
Posts: 12




MOOD wrote:
i used this exploit for { phpBB2 Plus 1.55 based on phpBB }
I send PM's to All Admins And i got this

Cookie: phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:1:\"5\";}; phpbb2mysql_sid=b8e1e9fc6bbfc7300fbffbd9e0303bf9; phpbb2mysql_t=a:9:{i:1668;i:1122573925;i:2019;i:1122574321;i:1628;i:1122575145;i:1402;i:1122575198;i:2034;i:1122575257;i:217;i:1122575288;i:2029;i:1122579674;i:1584;i:1122575488;i:2002;i:1122579443;}
IP: 217.54.143.159
Date and Time: 28 July, 2005, 10:11 pm
Referer: http://www.XXX.com/forum1000/privmsg.php?folder=inbox&mode=read&p=2121

Cookie: phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:1:\"4\";}; phpbb2mysql_sid=59f7de399f61fbc4e164e9903049ba04; phpbb2mysql_b_6=1; phpbb2mysql_t=a:2:{i:1691;i:1122619864;i:2002;i:1122619899;}
IP: 81.10.79.206
Date and Time: 29 July, 2005, 8:52 am
Referer: http://www.XXX.com/forum1000/privmsg.php?folder=inbox&mode=read&p=2118

Cookie: phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:1:\"6\";}; phpbb2mysql_sid=e86d7e0db8b0ab4cf0538f32ac2572f5; phpbb2mysql_t=a:3:{i:298;i:1122793324;i:2003;i:1122793546;i:2140;i:1122794074;}
IP: 196.204.149.12
Date and Time: 31 July, 2005, 9:15 am
Referer: http://www.XXX.com/forum1000/privmsg.php?folder=inbox&mode=read&p=2119

Any One Told Me Who To Use It Please Embarassed Embarassed Embarassed



This means that the admin didnt check the remember me next time I log in check box. If he did the it would look like this:
phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:\" THE HASH WOULD SHOW UP HERE\":\"\";s:6:\"userid\";s:\"6\";}; phpbb2mysql_sid=e86d7e0db8b0ab4cf0538f32ac2572f5; phpbb2mysql_t=a:3:{i:298;i:1122793324;i:2003;i:1122793546;i:2140;i:1122794074;}
View user's profile Send private message
PostPosted: Thu Apr 13, 2006 12:40 am Reply with quote
DCDJ
Beginner
Beginner
Joined: Apr 13, 2006
Posts: 3




Hi guys, could someone PLEASE reply to this post!!!

I have set up my php and txt file and its working fine. But does anyone know how to make it so that in your txt file the logs are going down and not sidways across the page? PLZ Help!!!!

DCDJ Cool
View user's profile Send private message Visit poster's website
PostPosted: Thu Apr 13, 2006 5:14 pm Reply with quote
DCDJ
Beginner
Beginner
Joined: Apr 13, 2006
Posts: 3




I have been told this is a dead forum Is it true?
View user's profile Send private message Visit poster's website
PostPosted: Sat Jun 02, 2007 9:24 am Reply with quote
Hosam
Beginner
Beginner
Joined: Jun 02, 2007
Posts: 4




Hi everybody, I think I understand all these steps. But somthing is missing. as you all saying.

1- we have to get an infected forum
2- make your own php file with the php code and upload it to your website
3- chmod your php file and your log.txt file or whatever and but the in the same directory.
4- edit the expolit code with your php website.
* 5- then register in the forum and past the exploit code in a post?? or send it in a private msg to the forum admin?? which one?
6- Get the md5 code from your log.txt and replace your with this md5 passwd and the admin username in the cookie files
7- then close the IE and re-open it and you will get admin access.



lol I think I miss somthing :S can anyone of you guys please correct me and tell me whats missing and whats needed to be done? Smile appreciated.
View user's profile Send private message
phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 8 of 8
Goto page Previous1, 2, 3, 4, 5, 6, 7, 8
Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.035 Seconds