|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 48
Members: 0
Total: 48
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Help Admin-level authentication bypass in phpnuke 6.x-7.2 |
|
Posted: Sun Jul 25, 2004 11:49 pm |
|
|
zerocool |
Regular user |
|
|
Joined: Jul 17, 2004 |
Posts: 20 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Mon Jul 26, 2004 8:51 am |
|
|
zer0-c00l |
Advanced user |
|
|
Joined: Jun 25, 2004 |
Posts: 72 |
Location: BRAZIL! |
|
|
|
|
|
|
another zero cool haha
i think the site isnt vulnerable if shows 'slection from database failed'..
but the string works perfect |
|
|
|
|
|
bro come in |
|
Posted: Mon Jul 26, 2004 11:40 am |
|
|
zerocool |
Regular user |
|
|
Joined: Jul 17, 2004 |
Posts: 20 |
|
|
|
|
|
|
|
so why its tell me selection from database faild
and its not add a superadmin user
with user:waraxe2 and pass:coolpass
why when iam post this command its only tell me selection from database faild (( what i need 2 do? |
|
|
|
|
|
a |
|
Posted: Mon Jul 26, 2004 2:38 pm |
|
|
SteX |
Advanced user |
|
|
Joined: May 18, 2004 |
Posts: 181 |
Location: Serbia |
|
|
|
|
|
|
Site is patched...Site have updated php-nuke version,or have some protection system.. That exploit is old and dont work for 99% php-nuke sites..
|
|
_________________
We would change the world, but God won't give us the sourcecode...
....Watch the master. Follow the master. Be the master....
------------------------------------------------------- |
|
|
|
|
Thanks Bro |
|
Posted: Mon Jul 26, 2004 5:42 pm |
|
|
zerocool |
Regular user |
|
|
Joined: Jul 17, 2004 |
Posts: 20 |
|
|
|
|
|
|
|
Thanks For the help
and i have another Question when iam put this command to a site
modules.php?name=Journal&file=search&bywhat=aid&exact=1&forwhat=kala'/**/UNION/**/SELECT/**/0,0,pwd,0,0,0,0,0,0/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1/**/LIMIT/**/1/*
its give me a hash but when iam view the profile of the user that have this hash i see id 0
why its tell me id 0???????
and give me hash to id 0 when i putting this sql injection command ((??
and where i can find the radminsuper id?? |
|
|
|
|
Posted: Mon Jul 26, 2004 8:44 pm |
|
|
SteX |
Advanced user |
|
|
Joined: May 18, 2004 |
Posts: 181 |
Location: Serbia |
|
|
|
|
|
|
God Admin always has ID 1 .. |
|
_________________
We would change the world, but God won't give us the sourcecode...
....Watch the master. Follow the master. Be the master....
------------------------------------------------------- |
|
|
|
|
Come In Stex |
|
Posted: Mon Jul 26, 2004 8:57 pm |
|
|
zerocool |
Regular user |
|
|
Joined: Jul 17, 2004 |
Posts: 20 |
|
|
|
|
|
|
|
yeah i know god admin is id 1 bro
but when iam doing this sql injection command i see the hash
with viewprofile id 0
why its this?? and how can i figure the God Admin id nickname??
because if i want to change in my cookie to the admin "cookie"
i need to know the id of the radminsuper like this
Stex:d3721b54ee6f43b22910c7e82775d56f
so know i only know the hash:d3721b54ee6f43b22910c7e82775d56f
but i dont know the radminsuper id nickname (
so i cant do nothing how can i know the superadmin nickname (? |
|
|
|
|
|
Thanks guys i was made to know the aid of the admin :) |
|
Posted: Tue Jul 27, 2004 4:09 pm |
|
|
zerocool |
Regular user |
|
|
Joined: Jul 17, 2004 |
Posts: 20 |
|
|
|
|
|
|
|
hey take off is info in the memberlist but i was doing thing like this
forum-userprofile-2.html&sid=3be12190a8ffa6b4ac8aa8d92cf45381g
and then i so is aid
thanks again bye bye |
|
|
|
|
Posted: Tue Jun 07, 2005 7:54 pm |
|
|
err |
Beginner |
|
|
Joined: Jun 07, 2005 |
Posts: 1 |
|
|
|
|
|
|
|
when i try i get:
Author's Creation Error
You must complete all compulsory fields
seems like exploit gonna work.. because it shows the menu admin. |
|
|
|
|
www.waraxe.us Forum Index -> PhpNuke
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|