Waraxe IT Security Portal
Login or Register
November 24, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 35
Members: 0
Total: 35
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Newbies corner -> explenation php 2.0.12 forum exploit for newbies
Post new topicReply to topic View previous topic :: View next topic
explenation php 2.0.12 forum exploit for newbies
PostPosted: Thu Jul 10, 2008 8:05 pm Reply with quote
inse
Beginner
Beginner
Joined: Jul 10, 2008
Posts: 4




phpBB 2.0.12 forums hacking Example forum: http://www.illegaaltje.nl/phpBB2/ (on which you can test it LEGALLY)

Foreword In these tutorial go we learn how we phpBB 2.0.12 are possible forums hacken, using exploits which we download.

I do not go further on the term exploiten in or the errors, I will your only learn how we phpBB are possible 2.0.12 forums hacking and I emphasise still even that this illigaal are if this is done without authorisation, and I am nowhere responsible for.

Once you have this under the knee hope I of that you admins will to help destroying forums.

The Exploit Exploit are a script which uses of errors in a forum, this way determined rights be able get if guard word hashish to be able get hold of etc.

Exploits are generally written in C, Perl and in Php, and we will use exploit which has been written in perl.

We must therefore firstly get hold of the exploit to do that we use google, and type: exploit phpBB 2.0.12.

But I go rather to: www.milw0rm.com, 1 of the largest exploit site which I know.

I go there to search and bowl already fast at http://www.milw0rm.com/id.php?id=889.

Oke these are therefore the exploit script we see to `#! /usr/bin/perl' from that layout I that we to do have with exploit which have been written in perl.

Therefore lettuce these script as exploit.pl on c:\ disk. (draft cube > store as > exploit.pl) Download Perl Our exploit need carry out script we use therefore perl.

Now we go to www.google.nl and we type in: Download perl and already rapidly come we on a page and there download we perl. For lazy people onderons here a link: http://www.activestate.com/Products/Download/Download.plex?id=ActivePerl now we perl have downloaded and we have installed further to the real hacken of a forum.

Hacken of the phpBB 2.0.12 forum. Here our example forum is on which you can test it: http://www.illegaaltje.nl/phpBB2/ In my example I use this forum also.

Oke we go ourselves firstly register, pay attention there to that your name but from 1 part exist therefore not `jan piet' can but `janpiet'.

I take nice orginenal in my example the name `UR'. Now we have acount we let us proceed to the hacken, open amount (starts > uivoeren/manage > type and then grapple command). We save our exploit with the name exploit.pl on c:\ disk have stored therefore we type now the following in amount: `cd (without '' natural) and very grapple c:\. And then we type `exploit.pl `and reiteration grapple and get we this. (do not get you this have you perl not well geinstalt or something else)

CODE+++++++++++++++++++++++++++++++++++++++++++++++++++ Usage: perl nenu.pl [site] [phpbb folder] [username] [proxy (optional)] i.e. perl nenu.pl www.site.com /forum/ BigAdmin 127.0.0.1: 3128 ++++++++++++++++++++++++++++++++++++++++++++++++++++

oke here are explained how we using therefore we must, firstly the site then the folder where the forum is himself and then our acount name in this case UR Oke now will you that do with you forum, in my example is that http://www.illegaaltje.nl/phpBB2/index.php.

in my example type I in amount `of exploit.pl www.illegaaltje.nl /phpBB2/ UR' And I very grapple.

(such as you sees I replace http:// for www differently give that error and I omit index.php) Now krijg something like that as below:

CODE++++++++++++++++++++++++++++++++++++ Trying to connect to www.illegaaltje.nl/phpBB2/ Forum is vulnerable!!! +++++++++++++++++++++++++++++ Trying to get the user: UR ID… Done… ID=15 ++++++++++++++++++++++++++++++ Trying to give user: UR admin status… Well done!!! UR should now property an admin status. ++++++++++++++++++++++++++++

Now you go to the forum and unwieldly you go up your acount, and to realise you that something (below the forum) in the direction of `adminstratie permits panel' there.

And that is the proof that you are admin, what you do not will do for rest are entirely you choice go along I you to help.

I would tell the admin that its forum safe is not and together for a solution to search.

Epilogue I hope that you have learned of this something, and now forum will search admins help with these wrongly and improve.

Be nowhere responsible for, therefore everything are whole on own risk

srry for my bad english
View user's profile Send private message
explenation php 2.0.12 forum exploit for newbies
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.047 Seconds