|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 110
Members: 0
Total: 110
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
|
I must be very thankful to thou |
|
|
|
|
hi, I couldn't manage to either brute or wordlist this hash, I hope someone can get it.
hash: (done)
btw it's not salted |
|
|
|
|
Found another way in, never mind |
|
|
|
|
As far as i know, phpbb is checking IP address/session ID match. So if you have stolen sessionID, then you can't use it in most cases.
Now, there is something else you can try. If you can trick admin ... |
|
|
|
|
In the target forum I found a vulnerable php script which is prone to XSS.
I ve already coded what I need to get the administrator's cookies.
But before retrieving the admin's cookie, my question ... |
|
|
Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|