Waraxe IT Security Portal
Login or Register
October 9, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 74
Members: 0
Total: 74
Full disclosure
APPLE-SA-10-03-2024-1 iOS 18.0.1 and iPadOS 18.0.1
Some SIM / USIM card security (and ecosystem) info
SEC Consult SA-20240930-0 :: Local Privilege Escalation via MSI Installer in Nitro PDF Pro (CVE-2024-35288)
Backdoor.Win32.Benju.a / Unauthenticated Remote CommandExecution
Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH)
Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)
Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)
Backdoor.Win32.Boiling / Remote Command Execution
Defense in depth -- the Microsoft way (part 88): a SINGLEcommand line shows about 20, 000 instances of CWE-73
SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)
Apple iOS 17.2.1 - Screen Time Passcode Retrieval (MitigationBypass)
CyberDanube Security Research 20240919-0 | Multiple Vulnerabilities in Netman204
Submit Exploit CVE-2024-42831
Stored XSS in "Edit Profile" - htmlyv2.9.9
Stored XSS in "Menu Editor" - htmlyv2.9.9
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpBB -> l Goto page Previous1, 2
Post new topicReply to topic View previous topic :: View next topic
PostPosted: Sun Apr 09, 2006 11:08 am Reply with quote
Kw3rLn
Beginner
Beginner
Joined: Apr 01, 2006
Posts: 1




yea...put log.txt were cookies.php are
View user's profile Send private message
PostPosted: Sun Apr 09, 2006 5:27 pm Reply with quote
Aryan-Husky
Active user
Active user
Joined: Apr 03, 2006
Posts: 37




Your cookies.php script should make a file called log.txt automatically in the same directory.
View user's profile Send private message
PostPosted: Sun Apr 16, 2006 1:33 am Reply with quote
SicKn3sS
Regular user
Regular user
Joined: Apr 16, 2006
Posts: 14




Lol i dont mean to be a noob but i get this error with my server:

Code:
Warning: fopen(log.txt) [function.fopen]: failed to open stream: Permission denied in /mnt/storage/users/d/0/c/d0cuh3/pwnt.php on line 6

Warning: fwrite(): supplied argument is not a valid stream resource in /mnt/storage/users/d/0/c/d0cuh3/pwnt.php on line 11

Warning: fclose(): supplied argument is not a valid stream resource in /mnt/storage/users/d/0/c/d0cuh3/pwnt.php on line 12


I have a free PHP 5 server at www.host.sk. How can I set the permissions to let that PHP file write a log.txt?

K nvm all that I just used a different host this host.sk is full of bugs and always has parts down for maintainance, thanks so much for this help though.
View user's profile Send private message
PostPosted: Sun Apr 16, 2006 1:03 pm Reply with quote
dinho
Regular user
Regular user
Joined: Apr 15, 2006
Posts: 16




Well I have tryed it ... and worked fine but it doesn't show me the victim Cookies Rolling Eyes
I mean it shows the date , IP , and sometimes the link ...


Code:
IP: ***.***.***.***
Date and Time: 16 April, 2006, 7:57 am
Referer: http://www.localhost.com/phpbb2/viewtopic.php?p=1
Cookie:


as we can see the cookie side is empty, I don't know why Exclamation
View user's profile Send private message
PostPosted: Sun Apr 16, 2006 2:13 pm Reply with quote
SicKn3sS
Regular user
Regular user
Joined: Apr 16, 2006
Posts: 14




dinho wrote:
Well I have tryed it ... and worked fine but it doesn't show me the victim Cookies Rolling Eyes
I mean it shows the date , IP , and sometimes the link ...


Code:
IP: ***.***.***.***
Date and Time: 16 April, 2006, 7:57 am
Referer: http://www.localhost.com/phpbb2/viewtopic.php?p=1
Cookie:


as we can see the cookie side is empty, I don't know why Exclamation


It only gives you the cookies of where you were referred from so send it to someone and it should work fine.

This is what i got (I got like 10 because the dumb guy opened it like 10 times)

Code:
Date and Time: 16 April, 2006, 4:01 am
Referer: http://X.com/modules.php?name=Private_Messages&file=index&folder=inbox&mode=read&p=1249 Cookie: eqdkp_data=a:2:{s:13:\"auto_login_id\";s:0:\"\";s:7:\"user_id\";i:-1;}; Xforums_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:2:\"94\";}; lang=english; user=OTQ6R3JpeWE6ZmU2MzE5NjhmMGNkNzFmMGIyODk2ZWFlYTM4MzY5NmQ6MTA6OjA6MDowOjA6OjQwOTY=; Xforums_sid=e8528ca60941211f34c8b723f4acbc85; Xforums_t=a:12:{i:1295;i:1145147084;i:1292;i:1145147109;i:1296;i:1145147137;i:1287;i:1145147166;i:691;i:1145147216;i:1277;i:1145147338;i:1231;i:1145147376;i:1275;i:1145147426;i:1270;i:1145147477;i:1234;i:1145147488;i:1212;i:1145147498;i:1300;i:1145171689;}
IP: **.***.***.***


How exactly do I make a cookie to use this can someone compile it for me? Im using some coockie editor firefox extension. Lol plz help fast before its too late.
View user's profile Send private message
PostPosted: Tue Apr 18, 2006 6:47 pm Reply with quote
syntax9
Active user
Active user
Joined: Dec 21, 2005
Posts: 33




nice hijack. but for the original post, oobiin is looking at the same targetas iam. ill match whatever he offers, so the reward is dbl'd.
View user's profile Send private message
PostPosted: Tue Apr 18, 2006 8:07 pm Reply with quote
SicKn3sS
Regular user
Regular user
Joined: Apr 16, 2006
Posts: 14




I thought there was a way to just post an image with bb code and it worked that way I saw something like that on milw0rm does anyone know how?
View user's profile Send private message
PostPosted: Tue Apr 18, 2006 8:27 pm Reply with quote
johnny
Regular user
Regular user
Joined: Mar 13, 2006
Posts: 13




Here is the scoop on this exploit:

- You put the cookies.php on YOUR server. Make it executable. Put the path to it in the string of HTML. Then make a blank text file called "log.txt" and make sure it has permissions 777 (read/write/execute for all).

- Add the string of HTML to the bottom of a post or PM that you make on the board. Make sure there is enough text above the string of HTML so that the HTML is at least 6 or 8 lines down (the reason being that if others search for your posts, the background color of the search results won't match the color of the HTML you inserted and your HTML code will be visible).

- Wait for someone to read your post.

- Then, IF the following are true, you will get the cookie:

1) They are using IE for Windows.
2) They have Autologin checked.

The cookie string that you get back in log.txt will be the 32 characters that follow the "s:32" in the string.

Submit this 32 characters to Milw0rm.com's cracker or to another online cracker to get the password. Not all passwords are crackable.

There.
View user's profile Send private message
PostPosted: Tue Apr 18, 2006 11:33 pm Reply with quote
SicKn3sS
Regular user
Regular user
Joined: Apr 16, 2006
Posts: 14




I used www.t35.com to make mine, all you have to do is upload the php file and post the exploit and it will work.
View user's profile Send private message
PostPosted: Sun May 07, 2006 1:37 pm Reply with quote
zolw
Beginner
Beginner
Joined: May 07, 2006
Posts: 1




but if on 2.0.17 forum HTML in posts is deactivated, what to do then?
View user's profile Send private message
PostPosted: Mon May 08, 2006 8:44 pm Reply with quote
Redempti0n
Beginner
Beginner
Joined: May 08, 2006
Posts: 2




zolw wrote:
but if on 2.0.17 forum HTML in posts is deactivated, what to do then?


I am having the same problem as well. Is it possible to post a URL to the PHP file and still obtain the cookie information? I have yet to test it on my forums, however, with HTML enabled, the XSS script works.
View user's profile Send private message
l
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 2 of 2
Goto page Previous1, 2
Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.046 Seconds