 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
Phpbb Forums |
 |
 Posted: Sun Nov 18, 2007 3:06 pm |
 |
|
| Avidlearner |
| Beginner |
 |
|
| Joined: Nov 18, 2007 |
| Posts: 3 |
|
|
|
 |
|
 |
|
I semi-followed the 'How to use gathered md5 hash? Step-by-step tutorial 4 n00bs' and understand that it's from 2004. I'm trying to 'hack' a phpbb forum basically.. which I don't think I'm allowed to link to. Anyway, if I want to get into another user's account would hashes be the way forward?
Finally, my intent is to cause havoc really, for revenge and because I feel it deserves it anyway. If anybody could lend some help on how to do anything to damage it I'd be grateful. I'm, to be honest, a script kiddie so far so... as my name suggests, I would like to learn. |
|
|
|
|
|
|
|
|
| Posted: Sun Nov 18, 2007 3:18 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
First - is it stand-alone forum, where admin has absolute control over phpbb, or it is some "free forum", which is hosted by professionals? If it's "free forum", then hacking chances are slim.
Second - try to determine phpbb version - older versions can be exploitable, new versions are more secured. And try to find possible co-located websites on target server - they can be used as "back door" in attacking process. |
|
|
|
|
|
|
|
|
| Posted: Sun Nov 18, 2007 3:30 pm |
|
|
| Avidlearner |
| Beginner |
|
|
| Joined: Nov 18, 2007 |
| Posts: 3 |
|
|
|
|
|
|
|
| Thanks for the advice, I'm pretty much sure that its a 'stand-alone' forum. But.. now it shows I have little skills of my own, and I'm a script kiddie, I can't even determine what version the phpbb forum is nor find out about other websites on the server. I heard theres something on the lines of http headers in tools but I can't find that, so.. yeah, I'll probably need close guidance. Thanks again, especially if you help me more :]. |
|
|
|
|
| Posted: Sun Nov 18, 2007 6:21 pm |
|
|
| pexli |
| Valuable expert |
 |
|
| Joined: May 24, 2007 |
| Posts: 665 |
| Location: Bulgaria |
|
|
|
|
|
|
To look version on phpBB.
Ex:
victim.com/phpBB/docs/CHANGELOG.html
To find IP.In WinXP
Start>>Run>>cmd in prompt type ping victim.com and you see IP on victim site/forum.Then go here http://domainsdb.net/ and copy/paste IP on your victim and look she is alone on this server or she in 1000 sites on this IP.
P.S.My engl. suckssss.Sorry.  |
|
|
|
|
| Posted: Sun Nov 18, 2007 7:53 pm |
|
|
| Avidlearner |
| Beginner |
|
|
| Joined: Nov 18, 2007 |
| Posts: 3 |
|
|
|
|
|
|
|
Thanks for the help, they are alone on the server (I think) but..
The advice on being able to check the phpbb version well.. for me, it only seems to render the board into a different format, with basic lettering and pictures and icons removed so... is there something I'm doing wrong?
'http://TheirForum.f o r u m s vibe.com/index.php/phpBB/docs/CHANGELOG.html' |
|
|
|
|
|
|
|
|
| Posted: Sun Nov 18, 2007 8:12 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
http://www.fo r u m s v i b e.com/
| Code: |
A Few Reasons to Choose Us!
:: Create your own phpBB Forum for Free!
:: Free sub domain (yourforum.forumsvibe.com)
:: 335 templates ready for you to use!
:: Unique Spam-Busting features on every forum
:: Over 60 pre-installed language packs (more info)
:: Customise your Forum with your own logo and styling
:: Fast, high quality servers (more info)
:: Unlimited space, Unlimited bandwidth (more info)
:: Easy to start, just click here!
|
They are professionals! I don't think, that it's easy to hack them  |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 47
Members: 0
Total: 47
