|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 71
Members: 0
Total: 71
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Re: ???????????? |
|
Posted: Fri Jan 20, 2006 5:39 am |
|
|
lld_master |
Regular user |
|
|
Joined: Jan 12, 2006 |
Posts: 12 |
|
|
|
|
|
|
|
MOOD wrote: | i used this exploit for { phpBB2 Plus 1.55 based on phpBB }
I send PM's to All Admins And i got this
Cookie: phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:1:\"5\";}; phpbb2mysql_sid=b8e1e9fc6bbfc7300fbffbd9e0303bf9; phpbb2mysql_t=a:9:{i:1668;i:1122573925;i:2019;i:1122574321;i:1628;i:1122575145;i:1402;i:1122575198;i:2034;i:1122575257;i:217;i:1122575288;i:2029;i:1122579674;i:1584;i:1122575488;i:2002;i:1122579443;}
IP: 217.54.143.159
Date and Time: 28 July, 2005, 10:11 pm
Referer: http://www.XXX.com/forum1000/privmsg.php?folder=inbox&mode=read&p=2121
Cookie: phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:1:\"4\";}; phpbb2mysql_sid=59f7de399f61fbc4e164e9903049ba04; phpbb2mysql_b_6=1; phpbb2mysql_t=a:2:{i:1691;i:1122619864;i:2002;i:1122619899;}
IP: 81.10.79.206
Date and Time: 29 July, 2005, 8:52 am
Referer: http://www.XXX.com/forum1000/privmsg.php?folder=inbox&mode=read&p=2118
Cookie: phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:1:\"6\";}; phpbb2mysql_sid=e86d7e0db8b0ab4cf0538f32ac2572f5; phpbb2mysql_t=a:3:{i:298;i:1122793324;i:2003;i:1122793546;i:2140;i:1122794074;}
IP: 196.204.149.12
Date and Time: 31 July, 2005, 9:15 am
Referer: http://www.XXX.com/forum1000/privmsg.php?folder=inbox&mode=read&p=2119
Any One Told Me Who To Use It Please |
This means that the admin didnt check the remember me next time I log in check box. If he did the it would look like this:
phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:\" THE HASH WOULD SHOW UP HERE\":\"\";s:6:\"userid\";s:\"6\";}; phpbb2mysql_sid=e86d7e0db8b0ab4cf0538f32ac2572f5; phpbb2mysql_t=a:3:{i:298;i:1122793324;i:2003;i:1122793546;i:2140;i:1122794074;} |
|
|
|
|
|
|
|
|
Posted: Thu Apr 13, 2006 12:40 am |
|
|
DCDJ |
Beginner |
|
|
Joined: Apr 13, 2006 |
Posts: 3 |
|
|
|
|
|
|
|
Hi guys, could someone PLEASE reply to this post!!!
I have set up my php and txt file and its working fine. But does anyone know how to make it so that in your txt file the logs are going down and not sidways across the page? PLZ Help!!!!
DCDJ |
|
|
|
|
Posted: Thu Apr 13, 2006 5:14 pm |
|
|
DCDJ |
Beginner |
|
|
Joined: Apr 13, 2006 |
Posts: 3 |
|
|
|
|
|
|
|
I have been told this is a dead forum Is it true? |
|
|
|
|
|
|
|
|
Posted: Sat Jun 02, 2007 9:24 am |
|
|
Hosam |
Beginner |
|
|
Joined: Jun 02, 2007 |
Posts: 4 |
|
|
|
|
|
|
|
Hi everybody, I think I understand all these steps. But somthing is missing. as you all saying.
1- we have to get an infected forum
2- make your own php file with the php code and upload it to your website
3- chmod your php file and your log.txt file or whatever and but the in the same directory.
4- edit the expolit code with your php website.
* 5- then register in the forum and past the exploit code in a post?? or send it in a private msg to the forum admin?? which one?
6- Get the md5 code from your log.txt and replace your with this md5 passwd and the admin username in the cookie files
7- then close the IE and re-open it and you will get admin access.
lol I think I miss somthing :S can anyone of you guys please correct me and tell me whats missing and whats needed to be done? appreciated. |
|
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 8 of 8
Goto page Previous1, 2, 3, 4, 5, 6, 7, 8
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|