| 
  
    | 
	|  | Menu |  |  
     
     | 
      
       | 
        
         | 
          
           | 
						|  |  |  Home |  |  |  |  |  |  |  |  Discussions |  |  |  |  |  |  |  |  Tools |  |  |  |  |  |  |  |  Affiliates |  |  |  |  |  |  |  |  Content |  |  |  |  |  |  |  |  Info |  |  |  |  |  |  |  |  |  |  
  
    | 
	|  | User Info |  |  
     
     | 
      
       | 
        
         | 
          
           |  Membership: 
  Latest: MichaelSnaRe 
  New Today: 0 
  New Yesterday: 0 
  Overall: 9144 
 
  People Online: 
  Visitors: 84 
  Members: 0 
  Total: 84 
 |  |  |  |  |  
  
    | 
	|  | Full disclosure |  |  |  | 
  
    | 
	|  |  |  |  
        
          | 
              
                | 
                    
                      | 
                          
                            | 
	| 
	
		|  |  |  
		|  | IT Security and Insecurity Portal |  |  
 
	|  | Authentication: admin's cookies |  |  
	| 
	
		|  Posted: Fri May 21, 2004 4:53 am |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| blitz |  | Beginner |  |  
  |  |  |  | Joined: May 21, 2004 |  | Posts: 4 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			|  	  | Quote: |  	  | Array
 (
 [POSTNUKESID] => aad70a130030f49525839a53044052a3
 [phpbb2mysql_data] => a:2:{s:11:"autologinid";N;s:6:"userid";s:1:"2";}
 [user] => PostNukeUser // user nic
 [loginkey] => ca478ccd2a22fe8b7e0ce30dbc797758 // md5 hashed password
 )
 
 | 
 well, I know the admin values for [user] and [loginkey]
 so, it seems trivial to manipulate with cookies to log in as admin
 
 
 but PostNuke seems doesn't take care of [loginkey] and [user]
 
 /me first registered and logged as userAAA
 the only cookie was created - POSTNUKESID
 
 several days after opened the site in question
 and was authenticated on the site as userAAA
 and still, no [loginkey] and [user] cookie for this site
 
 the question is:
 is it true that Postnuke authenticate users _only_ by POSTNUKESID cookie ?
 /compares with POSTNUKESID value, saved in database obviously/
 
 and if so, how one logs in as admin knowing admin's [user] and [loginkey] ?
 any ideas ?
 
  |  |  
		|  |  |  
	|  |  |  | 
 
	|  |  |  |  
	| 
	
		|  Posted: Fri May 21, 2004 10:34 am |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| waraxe |  | Site admin |  |  
  |  |  |  | Joined: May 11, 2004 |  | Posts: 2407 |  | Location: Estonia, Tartu |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| PostNuke is more secure than PhpNuke, and uses session identificators for saving the logged-in state. So knowing admin's password md5 hash can't let you directly in. Only thing you can do is hope to crack the md5 hash with bruteforce or wordlist attack (if password is not good enough). |  |  
		|  |  |  
	|  |  
	|  | heh |  |  
	| 
	
		|  Posted: Fri May 21, 2004 10:50 am |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| icenix |  | Advanced user |  |  
  |  |  |  | Joined: May 13, 2004 |  | Posts: 106 |  | Location: Australia |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| bruteforcing... if you got a spare computer its the best thing in the world..
 i suggest Rainbow crack...but it really emphasises the time - memory trade off..
 
 if you got the space and an old computer. your cooking with gas
  |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Fri May 21, 2004 10:59 am |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| waraxe |  | Site admin |  |  
  |  |  |  | Joined: May 11, 2004 |  | Posts: 2407 |  | Location: Estonia, Tartu |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| Rainbow crack is promising thing, thats for sure. |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Fri May 21, 2004 3:24 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| blitz |  | Beginner |  |  
  |  |  |  | Joined: May 21, 2004 |  | Posts: 4 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			|  	  | waraxe wrote: |  	  | ... and uses session identificators for saving the logged-in state. | 
 that's it !
 
 at first, individu logs in as usually user:pass
 Postnuke generates [POSTNUKESID] and stores locally in DB and remotely on client's PC - cookie, right ?
   
 if so, then it's _very secure_ approach indeed,
 coz [POSTNUKESID] will be 32-bit random number, which makes b/forcing impossible and it hasn't any relation nor with [user] neither with [loginkey].
 
 Rainbow Crack or PasswordPro for [loginkey] then ))
 |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Sun Jun 27, 2004 10:37 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| kranium |  | Regular user |  |  
  |  |  |  | Joined: Jun 27, 2004 |  | Posts: 7 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			|  	  | waraxe wrote: |  	  | Rainbow crack is promising thing, thats for sure. | 
 
 why not create a community in this forum where we can build a big rainbow table for our use?? with eachone effort it's not so difficult to build a big enough table!
 
 waraxe, what do you think?
 |  |  
		|  |  |  
	|  |  
	|  | Sounds Like A good Deal! |  |  
	| 
	
		|  Posted: Mon Jun 28, 2004 12:17 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| slimjim100 |  | Valuable expert |  |  
  |  |  |  | Joined: Jun 09, 2004 |  | Posts: 208 |  | Location: USA |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| I have been making the Tables for a while now. I am willing to share mine but the biggest problem with the tables is the size. Unless we can get someone with a large enough FTP server that can donate the bandwidth and space. Now I have access to an FTP but limited bandwidth. If there is enough interest I could put another FTP up and post my tables this would be off a cable modem service so bandwidth is still limited to 256k upload. If I did that then I would want people to upload there tables too so we could have a full data base. Well let me know what yall think. If sounds good we could just have all interested people join a little group. The group would have of list of tables to make and each member would pick a table and start making it, once done upload the table to the ftp. Once all the tables are uploaded I could burn DVD?s of the tables and send them to the members that helped. If this sounds good just e-mail me and we could get this thing going. (slimjim100(at)hotmail(dot)com). 
 Slimjim100
 |  |  
		|  |  |  
	|  |  |  | 
 
	|  |  |  |  
	| 
	
		|  Posted: Mon Jun 28, 2004 12:45 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| vocal |  | Regular user |  |  
  |  |  |  | Joined: Jun 13, 2004 |  | Posts: 18 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| there 's a spare cluster around here, so we could help. We are on exams now, so we 'll start in about 10 days  |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Mon Jun 28, 2004 3:42 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| slimjim100 |  | Valuable expert |  |  
  |  |  |  | Joined: Jun 09, 2004 |  | Posts: 208 |  | Location: USA |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| Dose that mean you can start making tables or storing them for FTP? If you mean Making tables, I'm not sure if rainbow crack supports *nix (you said cluster so I assume you are running a *nix cluster Right?). Let me know if ya need any help! 	  | Quote: |  	  | there 's a spare cluster around here, so we could help. We are on exams now, so we 'll start in about 10 days | 
 
 Slimjim100
  |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Mon Jun 28, 2004 5:40 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| kranium |  | Regular user |  |  
  |  |  |  | Joined: Jun 27, 2004 |  | Posts: 7 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| if you start this thing, I'm on it with a friend  Pentium4 3,5Ghz + Centrino 1,5Ghz + 2 x Athlon 2200+ all working for you   
 there must be organization in table managment... if we could make a list of command lines, and each one pick one and calculate him, and upload it... someone has to decide de size, the charset and give a list of correct command lines to execute...
 
 errr sorry my bad bad english
  |  |  
		|  |  |  
	|  |  
	|  | Well if we get this thing going.. |  |  
	| 
	
		|  Posted: Mon Jun 28, 2004 6:00 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| slimjim100 |  | Valuable expert |  |  
  |  |  |  | Joined: Jun 09, 2004 |  | Posts: 208 |  | Location: USA |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| If we get this thing going I could put up a small webpage. I have a domain on stand by with a FullXML site ready to be configured. Any body want to help design it? I can set you up as Admin so you can update and make the pages. There we could have a member?s area with the rainbow table list. I could also put a brief walk thought for those that don't know how to use Rainbow crack. The domain is http://www.midga.org feel free to go look I haven't set it up yet but if anyone would like to help feel free to e-mail me slimjim100(at)hotmail.com. 
 Slimjim100
   
 Not sure if my FTP will have the bandwidth for large tables being uploaded anyone have an FTP server they could share?
 |  |  
		|  |  |  
	|  |  |  | 
 
	| www.waraxe.us Forum Index -> PostNuke 
 
	
		| You cannot post new topics in this forum You cannot reply to topics in this forum
 You cannot edit your posts in this forum
 You cannot delete your posts in this forum
 You cannot vote in polls in this forum
 
 | All times are GMT Page 1 of 1
 
 |  |  
	|  |  
 Powered by phpBB © 2001-2008 phpBB Group
 
 
 
 
 |  |  |  |  |  |