|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
|
Yeh, I just figured out 13 chars long, letters and dotts: DES...
Thank you anyway, I felt noob for this
Hey couldn't go better than this, I also have plain-text now, try out these too
Fkbg6B ... |
|
|
|
|
I'm sure this is a crypted password but I don't know what kind of encription they used, anyone knows? or has any idea?
q77CNsF.mEMJ6 |
|
|
|
|
depends:
if the backend DB is MSSQL, you 'll have to correctly close the original query where you are injecting and then use stacked queries (query1;query2) to do whatever you wanna do. On mysql it ... |
|
|
|
|
Thank you very much, didn't have my equip with me to crack it. |
|
|
|
|
ff400fe178c6866d3da7397a1eb506a0
thank you |
|
|
|
|
Mostly you will have to re-enable xp_cmdshell on MSSQL 2005+ and sometime even in MSSQL 2000. Anyways, this is not easily done by hand, or at least it is quite tedious. I think you should read sql-nin ... |
|
|
|
|
if you're trying to execute commands through sql-injection remember you won't get any output from that DIR C:\ command, and I suggest you not to do that manually but using something such as MSF mssql_ ... |
|
|
|
|
the TRACE options MAY lead to XST, just google it.XST doesn't let you upload shells on the target directly. But exploiting XST you can manage to get a shell, or some kind of access later on. XST is si ... |
|
|
|
|
There's not a way to "learn" such things; the best advice one can give to you is this:
you have to know hacking is not something you learn; it is a state of mind, where you study something so indep ... |
|
|
|
|
well I meant if someone was able to crack it actually, sorry |
|
|
|
|
depends on what is the backend, anyways you can always try to bruteforce all character 0-255, before and after the number. If you see always the same result, you know you can't break that filter. If y ... |
|
|
|
|
I found this other thread where some fpd are given for phpBB, but they actually don't work on phpBB 3.0.8, does anyone know one for that version? |
|
|
|
|
Well if you run this php code
echo sha1(utf8_encode("test"))."\n";
echo sha1("test")."\n";
You 'll see how actually the two things ... |
|
|
Page 1 of 3 |
Goto page 1, 2, 3Next All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|