Waraxe IT Security Portal
Login or Register
November 24, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 58
Members: 0
Total: 58
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> All other software -> Cutenews <= 1.4.5 admin password md5 hash fetch exploit Goto page Previous1, 2, 3, 4
Post new topicReply to topic View previous topic :: View next topic
PostPosted: Thu May 29, 2008 1:33 am Reply with quote
Terminal
Beginner
Beginner
Joined: May 15, 2008
Posts: 4




Terminal wrote:
Okay thanks that helped a little but now i get
URL is Valid
Request Failed!
Sleeping 1 Seconds
Awake...
Retry #2

and it keeps going adding a second and a retry everytime.

until #10 when its gives fatal error and stops.


Can i have a hand with this?
View user's profile Send private message
PostPosted: Wed Jun 04, 2008 3:18 pm Reply with quote
mixman
Regular user
Regular user
Joined: Jun 03, 2008
Posts: 11
Location: Estonia,Tallinn




Hi,
i found one site and got username from there:
Quote:
Total 1 user(s) detected:
1 admin(s)
0 editor(s)
0 journalist(s)
0 commenter(s)
Pretesting passed successfully - target is vulnerable!

Fetched 1 usernames with reglevel 'admin'

tt

Total time spent: 2 seconds
HTTP requests made: 20

Questions and feedback - http://www.waraxe.us/forums.html
See ya! Smile


Now when i run other script for getting md5, i get this,
Quote:
Pretest 1 failed - wrong username?

Please help me what am i doing wrong?
Quote:
$target = 'http://www.xxxxxx.ee/uudised/search.php';
$username = 'admin'; // Username is needed
$outfile = './cute_log.txt';// Log file


Shoutd be ok?
View user's profile Send private message
PostPosted: Wed Jun 04, 2008 3:26 pm Reply with quote
Chedda
Active user
Active user
Joined: May 26, 2008
Posts: 27




the admin username is tt not admin.

Code:

$target = 'http://www.xxxxxx.ee/uudised/search.php';
$username = 'tt'; // Username is needed
$outfile = './cute_log.txt';// Log file
View user's profile Send private message
PostPosted: Wed Jun 04, 2008 4:06 pm Reply with quote
mixman
Regular user
Regular user
Joined: Jun 03, 2008
Posts: 11
Location: Estonia,Tallinn




Chedda wrote:
the admin username is tt not admin.

Code:

$target = 'http://www.xxxxxx.ee/uudised/search.php';
$username = 'tt'; // Username is needed
$outfile = './cute_log.txt';// Log file


Thank you very much, that worked! Smile
View user's profile Send private message
PostPosted: Wed Jun 11, 2008 6:41 pm Reply with quote
code_decoder
Beginner
Beginner
Joined: Jun 07, 2008
Posts: 2




Terminal wrote:
Terminal wrote:
Okay thanks that helped a little but now i get
URL is Valid
Request Failed!
Sleeping 1 Seconds
Awake...
Retry #2

and it keeps going adding a second and a retry everytime.

until #10 when its gives fatal error and stops.


Can i have a hand with this?


same here.. i configure everything as said before .. but i get the same problem.. any idea people ??
View user's profile Send private message
PostPosted: Wed Aug 06, 2008 10:19 am Reply with quote
andy
Beginner
Beginner
Joined: Aug 06, 2008
Posts: 3




Hi, in log file I get something like this:

-------------------------------------------------------
Cutenews password md5 hash fetching started
Target: http://xxxxx.xxx/News/search.php
Username: xxx


What i have to do to receive md5 hash of password? I made everything step by step from this topic instructions.
Thanks.
View user's profile Send private message
PostPosted: Wed Aug 06, 2008 10:30 am Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




andy wrote:
Hi, in log file I get something like this:

-------------------------------------------------------
Cutenews password md5 hash fetching started
Target: http://xxxxx.xxx/News/search.php
Username: xxx


What i have to do to receive md5 hash of password? I made everything step by step from this topic instructions.
Thanks.


It's allready old exploit, more than half year has passed ... so target can be patched ...
Next, do you use it as php CLI? Can you see error messages?
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Wed Aug 06, 2008 10:37 am Reply with quote
andy
Beginner
Beginner
Joined: Aug 06, 2008
Posts: 3




Can You tell how can i do this?
I do it in the way which is described in this thread.
No error appears.

I know that I can hack this site cause I already have done it with this.
View user's profile Send private message
PostPosted: Tue Feb 24, 2009 3:43 pm Reply with quote
shunkiano
Beginner
Beginner
Joined: Feb 24, 2009
Posts: 3




I have a little problem with your exploit Smile

I run it on Linux with CLI and i got this message

Validating target URL
URL is valid
Pretest failed - wrong username?
View user's profile Send private message
PostPosted: Fri Feb 27, 2009 5:17 am Reply with quote
shunkiano
Beginner
Beginner
Joined: Feb 24, 2009
Posts: 3




Anybody help?
View user's profile Send private message
PostPosted: Fri Feb 27, 2009 7:01 am Reply with quote
gibbocool
Advanced user
Advanced user
Joined: Jan 22, 2008
Posts: 208




Well it means you may have put the wrong username.

_________________
http://www.gibbocool.com
View user's profile Send private message Visit poster's website
PostPosted: Fri Feb 27, 2009 8:14 am Reply with quote
skmpz
Advanced user
Advanced user
Joined: Oct 11, 2008
Posts: 169
Location: Cyprus




$username = 'waraxe'; // Username is needed

have u changed that line ?
i mean instead of waraxe between the '' the user u want to attack ..
View user's profile Send private message
PostPosted: Fri Feb 27, 2009 10:31 am Reply with quote
shunkiano
Beginner
Beginner
Joined: Feb 24, 2009
Posts: 3




Yes of course... i change all
View user's profile Send private message
PostPosted: Thu Jan 05, 2012 3:09 pm Reply with quote
sfisher
Beginner
Beginner
Joined: Jan 04, 2012
Posts: 2




Hey dear Janek

first, thanks a lot for your nice work , and also I've a question,
after hacking cutenews, how can I upload a shell with Manage Images,
it avoid php file and I just can upload images !
actually I tested, HTTP Live header & tamper data to handle it but again, can't upload

thnx for your help ... Crying or Very sad
View user's profile Send private message
Cutenews <= 1.4.5 admin password md5 hash fetch exploit
www.waraxe.us Forum Index -> All other software
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 4 of 4
Goto page Previous1, 2, 3, 4
Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.047 Seconds