|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 59
Members: 0
Total: 59
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
Posted: Sun Apr 09, 2006 11:08 am |
|
|
Kw3rLn |
Beginner |
|
|
Joined: Apr 01, 2006 |
Posts: 1 |
|
|
|
|
|
|
|
yea...put log.txt were cookies.php are |
|
|
|
|
Posted: Sun Apr 09, 2006 5:27 pm |
|
|
Aryan-Husky |
Active user |
|
|
Joined: Apr 03, 2006 |
Posts: 37 |
|
|
|
|
|
|
|
Your cookies.php script should make a file called log.txt automatically in the same directory. |
|
|
|
|
Posted: Sun Apr 16, 2006 1:33 am |
|
|
SicKn3sS |
Regular user |
|
|
Joined: Apr 16, 2006 |
Posts: 14 |
|
|
|
|
|
|
|
Lol i dont mean to be a noob but i get this error with my server:
Code: | Warning: fopen(log.txt) [function.fopen]: failed to open stream: Permission denied in /mnt/storage/users/d/0/c/d0cuh3/pwnt.php on line 6
Warning: fwrite(): supplied argument is not a valid stream resource in /mnt/storage/users/d/0/c/d0cuh3/pwnt.php on line 11
Warning: fclose(): supplied argument is not a valid stream resource in /mnt/storage/users/d/0/c/d0cuh3/pwnt.php on line 12 |
I have a free PHP 5 server at www.host.sk. How can I set the permissions to let that PHP file write a log.txt?
K nvm all that I just used a different host this host.sk is full of bugs and always has parts down for maintainance, thanks so much for this help though. |
|
|
|
|
|
|
|
|
Posted: Sun Apr 16, 2006 1:03 pm |
|
|
dinho |
Regular user |
|
|
Joined: Apr 15, 2006 |
Posts: 16 |
|
|
|
|
|
|
|
Well I have tryed it ... and worked fine but it doesn't show me the victim Cookies
I mean it shows the date , IP , and sometimes the link ...
Code: | IP: ***.***.***.***
Date and Time: 16 April, 2006, 7:57 am
Referer: http://www.localhost.com/phpbb2/viewtopic.php?p=1
Cookie: |
as we can see the cookie side is empty, I don't know why |
|
|
|
|
|
|
|
|
Posted: Sun Apr 16, 2006 2:13 pm |
|
|
SicKn3sS |
Regular user |
|
|
Joined: Apr 16, 2006 |
Posts: 14 |
|
|
|
|
|
|
|
dinho wrote: | Well I have tryed it ... and worked fine but it doesn't show me the victim Cookies
I mean it shows the date , IP , and sometimes the link ...
Code: | IP: ***.***.***.***
Date and Time: 16 April, 2006, 7:57 am
Referer: http://www.localhost.com/phpbb2/viewtopic.php?p=1
Cookie: |
as we can see the cookie side is empty, I don't know why |
It only gives you the cookies of where you were referred from so send it to someone and it should work fine.
This is what i got (I got like 10 because the dumb guy opened it like 10 times)
Code: | Date and Time: 16 April, 2006, 4:01 am
Referer: http://X.com/modules.php?name=Private_Messages&file=index&folder=inbox&mode=read&p=1249 Cookie: eqdkp_data=a:2:{s:13:\"auto_login_id\";s:0:\"\";s:7:\"user_id\";i:-1;}; Xforums_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:2:\"94\";}; lang=english; user=OTQ6R3JpeWE6ZmU2MzE5NjhmMGNkNzFmMGIyODk2ZWFlYTM4MzY5NmQ6MTA6OjA6MDowOjA6OjQwOTY=; Xforums_sid=e8528ca60941211f34c8b723f4acbc85; Xforums_t=a:12:{i:1295;i:1145147084;i:1292;i:1145147109;i:1296;i:1145147137;i:1287;i:1145147166;i:691;i:1145147216;i:1277;i:1145147338;i:1231;i:1145147376;i:1275;i:1145147426;i:1270;i:1145147477;i:1234;i:1145147488;i:1212;i:1145147498;i:1300;i:1145171689;}
IP: **.***.***.*** |
How exactly do I make a cookie to use this can someone compile it for me? Im using some coockie editor firefox extension. Lol plz help fast before its too late. |
|
|
|
|
|
|
|
|
Posted: Tue Apr 18, 2006 6:47 pm |
|
|
syntax9 |
Active user |
|
|
Joined: Dec 21, 2005 |
Posts: 33 |
|
|
|
|
|
|
|
nice hijack. but for the original post, oobiin is looking at the same targetas iam. ill match whatever he offers, so the reward is dbl'd. |
|
|
|
|
Posted: Tue Apr 18, 2006 8:07 pm |
|
|
SicKn3sS |
Regular user |
|
|
Joined: Apr 16, 2006 |
Posts: 14 |
|
|
|
|
|
|
|
I thought there was a way to just post an image with bb code and it worked that way I saw something like that on milw0rm does anyone know how? |
|
|
|
|
|
|
|
|
Posted: Tue Apr 18, 2006 8:27 pm |
|
|
johnny |
Regular user |
|
|
Joined: Mar 13, 2006 |
Posts: 13 |
|
|
|
|
|
|
|
Here is the scoop on this exploit:
- You put the cookies.php on YOUR server. Make it executable. Put the path to it in the string of HTML. Then make a blank text file called "log.txt" and make sure it has permissions 777 (read/write/execute for all).
- Add the string of HTML to the bottom of a post or PM that you make on the board. Make sure there is enough text above the string of HTML so that the HTML is at least 6 or 8 lines down (the reason being that if others search for your posts, the background color of the search results won't match the color of the HTML you inserted and your HTML code will be visible).
- Wait for someone to read your post.
- Then, IF the following are true, you will get the cookie:
1) They are using IE for Windows.
2) They have Autologin checked.
The cookie string that you get back in log.txt will be the 32 characters that follow the "s:32" in the string.
Submit this 32 characters to Milw0rm.com's cracker or to another online cracker to get the password. Not all passwords are crackable.
There. |
|
|
|
|
|
|
|
|
Posted: Tue Apr 18, 2006 11:33 pm |
|
|
SicKn3sS |
Regular user |
|
|
Joined: Apr 16, 2006 |
Posts: 14 |
|
|
|
|
|
|
|
I used www.t35.com to make mine, all you have to do is upload the php file and post the exploit and it will work. |
|
|
|
|
Posted: Sun May 07, 2006 1:37 pm |
|
|
zolw |
Beginner |
|
|
Joined: May 07, 2006 |
Posts: 1 |
|
|
|
|
|
|
|
but if on 2.0.17 forum HTML in posts is deactivated, what to do then? |
|
|
|
|
Posted: Mon May 08, 2006 8:44 pm |
|
|
Redempti0n |
Beginner |
|
|
Joined: May 08, 2006 |
Posts: 2 |
|
|
|
|
|
|
|
zolw wrote: | but if on 2.0.17 forum HTML in posts is deactivated, what to do then? |
I am having the same problem as well. Is it possible to post a URL to the PHP file and still obtain the cookie information? I have yet to test it on my forums, however, with HTML enabled, the XSS script works. |
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 2 of 2
Goto page Previous1, 2
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|