 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 89
 Members: 0
 Total: 89
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 Forum:PhpBB Posted: Mon Mar 02, 2009 5:34 am Subject: PhpBB3 |
|
|
| na85 |
|
| Replies: 8 |
| Views: 16948 |
|
|
 |
|
 |
|
So are there any tools for brute forcing or otherwise cracking those hashes?
and I don't understand md5(phpbb3)
is phpbb3 a custom hash function that phpbb3's devs wrote? |
|
|
|
| na85 |
|
| Replies: 8 |
| Views: 8968 |
|
|
|
|
|
|
Ok for other noobs out there who may read this:
The site I am working on attacking is http://target.site.com, so on waraxe's and x3roconf's advice, I tried http://www.site.com to get another websit ... |
|
|
|
| na85 |
|
| Replies: 8 |
| Views: 8968 |
|
|
|
|
|
|
| The forums are the same as the ones on http://sports.flakhabit.com/forum/index.php (i'm trying to avoid posting the actual site I'm trying to hit... can I do that?) |
|
|
|
| na85 |
|
| Replies: 8 |
| Views: 8968 |
|
|
|
|
|
|
| So I have a site where the admin has been AWOL for almost a year now, and I want to try to get admin rights. The problem is that since he's missing and doesn't answer emails, social engineering trick ... |
|
|
|
| na85 |
|
| Replies: 3 |
| Views: 6713 |
|
|
|
|
|
|
7c0c19d7539733eb9d0d987df97ac7cb
Is there an easy way to tell if it's salted?
Not by just the hash. But you can tell by looking at where you got the hash from.
It came from phpbb 2.0.22, whic ... |
|
|
|
| na85 |
|
| Replies: 3 |
| Views: 6713 |
|
|
|
|
|
|
7c0c19d7539733eb9d0d987df97ac7cb
Is there an easy way to tell if it's salted? |
|
|
|
| na85 |
|
| Replies: 0 |
| Views: 5867 |
|
|
|
|
|
|
Hi guys
I have a target that I'd like to break into. They're running phpbb 2.0.13, and no mods installed.
None of the milw0rm sploits I've tried have worked. (some were from newer versions lik ... |
|
|
|
| na85 |
|
| Replies: 1 |
| Views: 6204 |
|
|
|
|
|
|
| Is there an easy way (or any way) to determine if a hash is salted? |
|
|
|
| na85 |
|
| Replies: 0 |
| Views: 5792 |
|
|
|
|
|
|
| I was debating on setting up a linux box to crack some hashes that contain symbols and mixed caps/lowercase (see my other thread) and I was wondering if it is possible/if it would be worth it to gener ... |
|
|
|
| na85 |
|
| Replies: 2 |
| Views: 7492 |
|
|
|
|
|
|
| I should add that I haven't submitted it to plain-text because they only have 11/28 comps online and apparently they aren't accepting submissions. |
|
|
|
| na85 |
|
| Replies: 2 |
| Views: 7492 |
|
|
|
|
|
|
I suspect it contains a combination of lower/upper alpha, numeric, and most likely symbols.
I've tried wordlists and dictionary attacks to no avail. Would anyone be up to trying this hash?
bcb2 ... |
|
|
|
| na85 |
|
| Replies: 3 |
| Views: 8343 |
|
|
|
|
|
|
I believe it's the result of a uniqid() function that combines a user's last IP, last login and SID.
If someone could gather that information, would it be possible to generate the same cookie? |
|
|
|
| na85 |
|
| Replies: 3 |
| Views: 8343 |
|
|
|
|
|
|
Hi all, I'm na85, and I'm new but hoping to learn some skills soon 
I recently tried to log in to a phpbb site (recent version, 2.0.19) as another user via the cookie method. After being urldeco ... |
|
|
| Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
