|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 81
Members: 0
Total: 81
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
some newb help |
|
Posted: Thu Jul 02, 2009 4:06 pm |
|
|
hazzy |
Beginner |
|
|
Joined: Jul 02, 2009 |
Posts: 1 |
|
|
|
|
|
|
|
I've recently social engineered a password for a forum (phpbb3 I think) that has since given me access to the admin panel and the ftp.
Since that I've installed phpmyadmin and later hacked the login script to send me non-md5'd passwords via email whenever a user logs into the forums. From there I now have access to other various websites the users use with the same password information - mainly email and things like that...
Is there any other nefarious acts I can accomplish on this forum or is it pretty much cooked? I guess the most interesting would be some sort of keylogger that can send me passwords for other applications they use, maybe even single out certain members... I don't know, as the title suggests, I'm a newb.
Thanks! |
|
|
|
|
|
|
|
|
Posted: Fri Jul 03, 2009 1:58 am |
|
|
gibbocool |
Advanced user |
|
|
Joined: Jan 22, 2008 |
Posts: 208 |
|
|
|
|
|
|
|
Well if you know everyone's password and email address, you may have access to their email accounts. And if they use different passwords then you can always request a lost password for accounts that you are interested in. Otherwise you can check if there are other websites on that server, and use that site to hack into other sites you may be interested in. |
|
|
|
|
www.waraxe.us Forum Index -> General discussion
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|