Waraxe IT Security Portal
Login or Register
November 22, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 66
Members: 0
Total: 66
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpBB -> admin rights, harsh reality?
Post new topicReply to topic View previous topic :: View next topic
admin rights, harsh reality?
PostPosted: Tue Nov 01, 2005 3:51 am Reply with quote
Thuleman
Beginner
Beginner
Joined: Nov 01, 2005
Posts: 4




Folks,

I am in somewhat of a pickle. I created a msg board in 04/2004. I retired from the game the board is for in 11/2004 and gave admin rights and billing for the hosting accout to a fellow player. He was running the board just fine till he went MIA around 05/2005.

He is still paying for the web hosting, as the site remains online. But he has not checked his PM since 05/2005 (outbox). Attempts to contact him through the hosting company have failed as they say they can't do anything because the account is his and his contact info is no one's business.

I have full control over the domain name, so I could simply point it elsewhere and the users would follow to a new board, most of them anyway. The problem is that the board has a good history, some 4300 users (of course only a 10th of them check the boards daily). 260k posts. I don't want to lose all that stuff by starting a new board with a different host.

I have patched phpBB to 2.0.12 or .13 myself back in the day. I have also made sure that the footers read 2.0.10 even though it was patched above that. I did delete the /docs and pretty much did everything to secure the board as good as possible.

I tried the LiveHeaders exploit (adjusted the values for the current admin who's user #79), and it didn't work. I know that the current admin patched to at least .15 if not higher.

Is there anything I can realistically do to get admin access? I obviously have a user account, I also have a mod account, I don't have admin access myself anymore (kinda obvious too).

I did check the hosting and mysql db pws and they have been changed (as I would have expected), the current admin is no idiot, it's just that he is MIA.

Is my only option to exploit the DB access, download the DB and just start over elsewhere?

Edit: Please do not PM me asking which site it is or offer to do try and gain admin yourself. No offense, but I'd rather have the anarchy on the boards and the posts are all still there, than some 3rd party logging in and deleting the whole thing. Hope you understand, but every one of those 4300 reg users is important to me and they don't deserve to be shafted just cause one guy went MIA.
View user's profile Send private message
PostPosted: Tue Nov 01, 2005 4:56 am Reply with quote
shai-tan
Valuable expert
Valuable expert
Joined: Feb 22, 2005
Posts: 477




np about the asking of the url. No one does that here unless they are approached with a url.

What version was it when you left it?
Was it updated in the time the new admin owned it?


Shai-tan

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Tue Nov 01, 2005 5:18 am Reply with quote
Thuleman
Beginner
Beginner
Joined: Nov 01, 2005
Posts: 4




I would assume it was updated to something hihger than 2.0.15 because the Database Authentication Details Exploit only returns:

Code:
[+] Connecting OK
[+] Sending exploit OK
[+] Database Host:
[+] Database Name:
[+] Username:
[+] Password:


It's kind of wierd, because it doesn't say FAILED, but it also doesn't display values for the blank variables.
I do actually know the DB host, the DB name, and the username, I just don't know the DB pw.
So backing up the database seems out of the question as well.
View user's profile Send private message
PostPosted: Tue Nov 01, 2005 5:24 am Reply with quote
shai-tan
Valuable expert
Valuable expert
Joined: Feb 22, 2005
Posts: 477




Yes a lot of remote exploits come up with nulls or nothings. Not sure really what you can do but wait for new exploits. Or you could ask some of the other users if they have his email addy.

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Tue Nov 01, 2005 5:34 am Reply with quote
Thuleman
Beginner
Beginner
Joined: Nov 01, 2005
Posts: 4




I have his email that he is registered at Paypal with, but no response and no bounce either (not a free email, but one from a real ISP). Guess I could call that ISP and try with some social engineering, but I also don't want the ISP to call the FIBI on me. LOL

The cookie grabber doesn't do anything for me since the admin never logs in anymore.

May give it a couple more weeks and perhaps do start over from scratch elsewhere.
View user's profile Send private message
PostPosted: Tue Nov 01, 2005 5:40 am Reply with quote
shai-tan
Valuable expert
Valuable expert
Joined: Feb 22, 2005
Posts: 477




Yeah thats your best bet cause its more legal todo to. lolz.
Hope all goes well. Tell me how you get on.

Shai-tan

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Wed Nov 02, 2005 1:33 am Reply with quote
Thuleman
Beginner
Beginner
Joined: Nov 01, 2005
Posts: 4




Social engineering 4tw!
Ok, so I knew the admins real name. Peoplefinder was worthless. I searched through the board for post he had made and that had the word 'work' in them. I found his old place of employment (national chain). I started calling their stores in the state of NJ (knew that the admin lives there). The first couple were bust, the thrid one said the guy used to work there but was transfered to a different store. Got number for new store. It's was his day off. Talked the lady on the phone into giving me his cell phone number.

Called the admin!!! Wheee!!! Got it all sorted out, he will transfer admin rights to me tonight. He had too much real life shit going on to even worry about msg boards and games anymore.
View user's profile Send private message
PostPosted: Wed Nov 02, 2005 2:13 am Reply with quote
shai-tan
Valuable expert
Valuable expert
Joined: Feb 22, 2005
Posts: 477




Good stuff man. You did it the legal way to so its much better than trying to explain that you cracked his site. Well good luck on the site and I hope you do well. Wink


Shai-tan

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
admin rights, harsh reality?
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.045 Seconds