Waraxe IT Security Portal
Login or Register
July 20, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 121
Members: 0
Total: 121
Full disclosure
[KIS-2024-06] XenForo <= 2.2.15 (Template System) Remote Code Execution Vulnerability
[KIS-2024-05] XenForo <= 2.2.15 (Widget::actionSave) Cross-Site Request Forgery Vulnerability
CVE-2024-33326
CVE-2024-33327
CVE-2024-33328
CVE-2024-33329
CyberDanube Security Research 20240703-0 | Authenticated Command Injection in Helmholz Industrial Router REX100
SEC Consult SA-20240627-0 :: Local Privilege Escalation via MSI installer in SoftMaker Office / FreeOffice
SEC Consult SA-20240626-0 :: Multiple Vulnerabilities in Siemens Power Automation Products
Novel DoS Vulnerability Affecting WebRTC Media Servers
APPLE-SA-06-25-2024-1 AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8
40 vulnerabilities in Toshiba Multi-Function Printers
17 vulnerabilities in Sharp Multi-Function Printers
SEC Consult SA-20240624-0 :: Multiple Vulnerabilities allowing complete bypass in Faronics WINSelect (Standard + Enterprise)
SEC Consult SA-20240620-0 :: Arbitrary File Upload in edu-sharing (metaVentis GmbH)
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Invision Power Board -> IPB <= 2.3.5 sql injection hash/salt fetching exploit Goto page Previous1, 2, 3, 4, 5Next
Post new topicReply to topic View previous topic :: View next topic
Re: hello
PostPosted: Tue Sep 23, 2008 12:57 am Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




XXxxImmortalxxXX wrote:
hello thanks for hte exploit as i am running 2.3.5 i tryed ur script and it didnt hack my account is there some way we can do a chat session and i let u try to do the attack on my site and see if u gain access to it? add me on msn

scyther777@live.com

if u dont midn


Code:

User ID: 1
Hash: 766ee790c52c18c10718d82e7bd830d4
Salt: &_]p"


Rolling Eyes
View user's profile Send private message Send e-mail Visit poster's website
Re: hello
PostPosted: Tue Sep 23, 2008 1:25 am Reply with quote
Irakirashia
Beginner
Beginner
Joined: Sep 22, 2008
Posts: 2




waraxe wrote:
XXxxImmortalxxXX wrote:
hello thanks for hte exploit as i am running 2.3.5 i tryed ur script and it didnt hack my account is there some way we can do a chat session and i let u try to do the attack on my site and see if u gain access to it? add me on msn

scyther777@live.com

if u dont midn


Code:

User ID: 1
Hash: 766ee790c52c18c10718d82e7bd830d4
Salt: &_]p"


Rolling Eyes


Inmortal, anyways, you don't "hack" with this. You still have to decript the hash, separate the salt from the hashed password, and decrypt it again ;x

Good luck on doing that without the apropiate software. What I did was dumping the whole database of my target, so I can have the md5's & salts saved in case they fix the vulnerability. And then...with time and good tools just crack the hashes ;x
View user's profile Send private message
PostPosted: Tue Sep 23, 2008 4:21 am Reply with quote
Toxicated
Regular user
Regular user
Joined: Sep 22, 2008
Posts: 9




Good job Axe Smile Thanks a lot for this. Now for the cracking part...
View user's profile Send private message
PostPosted: Tue Sep 23, 2008 2:18 pm Reply with quote
mehu
Regular user
Regular user
Joined: Sep 23, 2008
Posts: 12




I have to say, this is a brilliant script. Really well done waraxe! Smile
View user's profile Send private message
PostPosted: Tue Sep 23, 2008 2:35 pm Reply with quote
new2world
Beginner
Beginner
Joined: Sep 23, 2008
Posts: 1




i am having this error i am new to this hacking world soo please guide me i have already found a forum by testing the url u gave me but when it tried to run exploit i am this error

C:\php\php4>php.exe -q hack1.php
PHP Warning: dl() [<a href='function.dl'>function.dl</a>]: Unable to load dynam
ic library './php_curl.dll' - The specified procedure could not be found.
in C:\php\php4\hack1.php on line 44
Curl extension not loaded!
Fatal exit ...


i am using windows xp system
so can any one help me please waiting for reply
bye
View user's profile Send private message
PostPosted: Tue Sep 23, 2008 8:48 pm Reply with quote
stereoa
Beginner
Beginner
Joined: Sep 23, 2008
Posts: 4




Ughh. I am trying to insert a for loop around the main part of the script, but it can't reference the global variables or I get T_SCRIPT errors. Help all us PHP noobs.
View user's profile Send private message
PostPosted: Tue Sep 23, 2008 8:49 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




new2world wrote:
i am having this error i am new to this hacking world soo please guide me i have already found a forum by testing the url u gave me but when it tried to run exploit i am this error

C:\php\php4>php.exe -q hack1.php
PHP Warning: dl() [<a href='function.dl'>function.dl</a>]: Unable to load dynam
ic library './php_curl.dll' - The specified procedure could not be found.
in C:\php\php4\hack1.php on line 44
Curl extension not loaded!
Fatal exit ...


i am using windows xp system
so can any one help me please waiting for reply
bye


You have to edit php.ini file (it's usually located in windows folder).

Code:


; Directory in which the loadable extensions (modules) reside.

extension_dir = "./ext"



Code:

extension=php_curl.dll


Let me know about results ...
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Tue Sep 23, 2008 8:51 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




stereoa wrote:
Ughh. I am trying to insert a for loop around the main part of the script, but it can't reference the global variables or I get T_SCRIPT errors. Help all us PHP noobs.


Your intentions? Multi ID mode? This will be implemented in exploit's next version, very soon Smile
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Tue Sep 23, 2008 9:07 pm Reply with quote
martin1
Regular user
Regular user
Joined: Sep 21, 2008
Posts: 17




nice one waraxe cant wait for it Twisted Evil
View user's profile Send private message
PostPosted: Wed Sep 24, 2008 12:11 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Here is the new version, with multi ID's support:

http://www.waraxe.us/ftopict-3340.html

Smile
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Mon Sep 29, 2008 4:35 pm Reply with quote
mehu
Regular user
Regular user
Joined: Sep 23, 2008
Posts: 12




Is it possible to fetch the users login name rather than memberid that will get me their display name. I'm asking because I have a admin pw cracked, but the admin's display name seems to differ from his login name.
View user's profile Send private message
PostPosted: Mon Sep 29, 2008 10:07 pm Reply with quote
SnIpEr
Active user
Active user
Joined: Sep 25, 2008
Posts: 37




Meh, I feel like an idiot for asking, but here's my question.

How do I run the script? Here's what I've done so far in editing the .php file (the exploit):

$url = 'http://thenameoftheforum.com/Forums/index.php?act=idx';
$id = 1;// ID of the target user, default value "1" is admin's ID
$prefix = 'ibf_';// IPB table prefix, default is "ibf_"
# Proxy settings
# Be sure to use proxy Smile
//$proxy_ip_port = '127.0.0.1:8118';
//$proxy_user_password = 'someuser:somepassword';
$outfile = './ipblog.txt';// Log file

Is that right, or do I have to edit it further (I added "thenameoftheforum.com", obviously)

The other thing is, what's the command to run this thing? I named the file IPB.php, and I put it in this folder path:

C:\PHP\IPB.php

Do I run that from the PHP Command prompt I get when I press php.exe, or a command prompt in Windows?

I feel so n00b, please help ) :
View user's profile Send private message
PostPosted: Tue Sep 30, 2008 10:07 am Reply with quote
raveenbi
Beginner
Beginner
Joined: Sep 30, 2008
Posts: 1




i am a newbie please clarify following..

!) if the target forum is in Linux/Unix is this work?
2) where i can add target forum url in this script.
3)where i can see the outputs.

Sorry if i am asking stupid questions.Thanks in advance.
View user's profile Send private message
PostPosted: Sun Oct 05, 2008 6:37 am Reply with quote
BaH
Regular user
Regular user
Joined: Oct 05, 2008
Posts: 7
Location: stPeterburg




Hallo!! Thank`s for xploid!! plz help!!
corrected php.ini and added php_curl.dll!
Code:
C:\Documents and Settings\bombo>c:\php\php.exe c:\ipb.php
PHP Warning: PHP Startup: curl: Unable to initialize module
Module compiled with module API=20001222, debug=0, thread-safety=1
PHP compiled with module API=20060613, debug=0, thread-safety=1
These options need to match
in Unknown on line 0
PHP Warning: dl(): curl: Unable to initialize module
Module compiled with module API=20001222, debug=0, thread-safety=1
PHP compiled with module API=20060613, debug=0, thread-safety=1
These options need to match
in C:\ipb.php on line 44
Curl extension not loaded!
Fatal exit ...
As it can be repaired?
View user's profile Send private message ICQ Number
PostPosted: Sun Oct 05, 2008 6:58 am Reply with quote
BaH
Regular user
Regular user
Joined: Oct 05, 2008
Posts: 7
Location: stPeterburg




2sniper:
1)write the site name :
vasyalol.com or forum.vasyalol.com orr vasyalol.com /forum/ !!!
2)Use cmd.exe in the start-up menu there it is necessary to specify a way to php.exe and youxploid.php!!
SoRRy on my English i`m Russian @_@!
View user's profile Send private message ICQ Number
IPB <= 2.3.5 sql injection hash/salt fetching exploit
www.waraxe.us Forum Index -> Invision Power Board
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 3 of 5
Goto page Previous1, 2, 3, 4, 5Next
Post new topicReply to topic


Powered by phpBB 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.126 Seconds