 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 180
 Members: 0
 Total: 180
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
| Ok, so lets say hypothetically that a hacker has compromised your phpNuke account and has achieved super admin access. Would there be a way of discovering the location of your database, or database ... |
|
|
|
|
found out a solution
While I couldn't figure out how to display both, I did figure out how to display the username in the same order the passwords are displayed.
http://localhost/modules.php?nam ... |
|
|
|
|
sorry if that came out wrong..
I was wondering if there was a way to get the hash for a specific user id.
I've tried:
http://[site here]/modules.php?name=Top&querylang=union%20select%200, ... |
|
|
|
|
Well I've tried
http://[site here]/modules.php?name=Top&querylang=union%20select%200,pwd,0,0%20from%20nuke_users%20where%20user_id=MYNAME
and it turns up no results. Is my syntax wrong?
... |
|
|
|
|
Also I noticed wit hthe users that the hashes don't match up with the user names when I display them...
I'm not sure how I would format the query to search for a hash based on a user name... Anyone ... |
|
|
 Forum:PhpBB Posted: Wed Nov 02, 2005 3:54 am Subject: no dice |
|
|
|
unfortunately, there is only one admin
This is actually the exploit I used to get the hashes in the first place. Does this mean I'm screwed? |
|
|
|
|
I'm working off of a board with php-Nuke. It appears to be using version 7.0, and a yet to be identified version of phpBB.
I read the cookie tutorial in this forum, but it appears to be missing cr ... |
|
|
| Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
