 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 66
 Members: 0
 Total: 66
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
| mehu |
|
| Replies: 0 |
| Views: 4019 |
|
|
 |
|
 |
|
root:*542F0994E4371CC5E7EFD99A3A7560077595A5A4
Thank you in advance  |
|
|
|
| mehu |
|
| Replies: 5 |
| Views: 7776 |
|
|
|
|
|
|
| Sorry to disappoint you topy, but that isn't a valid hash. The forum is probably not vulnerable. |
|
|
|
| mehu |
|
| Replies: 1 |
| Views: 4754 |
|
|
|
|
|
|
xxx:ce66ee58c625cea00929362a95bbc422:iX]`]
xxx:4317458736cdbf2bdf8684d98cdbb425:UH&$+
xxx:3a57aaa767c4e6d1fdae0114cd8ae61f:&{>TC
xxx:cc3680e019282ad05356492b0231aa8a:96(Ws
xxx:a9d41d162 ... |
|
|
|
| mehu |
|
| Replies: 79 |
| Views: 156162 |
|
|
|
|
|
|
| Waraxe, can this exploit be used to fetch the users loginid (in some cases the display name differs from the login name) or email? And if so could you help me out with that? |
|
|
|
| mehu |
|
| Replies: 68 |
| Views: 128068 |
|
|
|
|
|
|
| Is it possible to fetch the users login name rather than memberid that will get me their display name. I'm asking because I have a admin pw cracked, but the admin's display name seems to differ from h ... |
|
|
|
| mehu |
|
| Replies: 4 |
| Views: 10106 |
|
|
|
|
|
|
Brute forcing salted hashes is pretty useless because of the high amount of time it takes, but I'd suggest you to try dictionary attack with good dictionaries.
Meanwhile I'll give those a try. |
|
|
|
| mehu |
|
| Replies: 4 |
| Views: 7619 |
|
|
|
|
|
|
| Did you get these from a forum? And if so then what type of forum? (IPB, vBulletin, phpbb?) |
|
|
|
| mehu |
|
| Replies: 6 |
| Views: 10299 |
|
|
|
|
|
|
| Works like a charm. Thanks! |
|
|
|
| mehu |
|
| Replies: 6 |
| Views: 10299 |
|
|
|
|
|
|
Table ibf_members
id, name, mgroup, email, joined, ip_address, posts, title, allow_admin_mails, time_offset, hide_email, email_pm, email_full, skin, warn_level, warn_lastwarn, language, last_post, ... |
|
|
|
| mehu |
|
| Replies: 6 |
| Views: 10299 |
|
|
|
|
|
|
Table 'ibf_members' column 'name'
Table 'ibf_members_converge' columns 'converge_pass_hash' 'converge_pass_salt' |
|
|
|
| mehu |
|
| Replies: 68 |
| Views: 128068 |
|
|
|
|
|
|
| I have to say, this is a brilliant script. Really well done waraxe! |
|
|
|
| mehu |
|
| Replies: 6 |
| Views: 10299 |
|
|
|
|
|
|
Hey,
When extracting tables with usernames/hashes/salts from IPB database I have found that the passwords and salts are in two different tables. The problem is I can only get either username:email: ... |
|
|
| Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
