 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 106
 Members: 0
 Total: 106
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
invision power board plz help!! |
|
 Posted: Sun Jun 27, 2004 10:39 am |
 |
|
| terrible one |
| Regular user |
 |
|
| Joined: Jun 25, 2004 |
| Posts: 10 |
|
|
|
 |
|
 |
|
| is there any exploits in invision power board that will get the admins md5 hash? |
|
|
|
|
| Posted: Sun Jun 27, 2004 11:26 am |
|
|
| SteX |
| Advanced user |
 |
|
| Joined: May 18, 2004 |
| Posts: 181 |
| Location: Serbia |
|
|
|
|
|
|
| Invision power board is not open-source software..So it is hardly to find any security flaws without source.. |
|
_________________
We would change the world, but God won't give us the sourcecode...
....Watch the master. Follow the master. Be the master....
------------------------------------------------------- |
|
|
|
| Posted: Mon Jun 28, 2004 9:07 am |
|
|
| icenix |
| Advanced user |
|
|
| Joined: May 13, 2004 |
| Posts: 106 |
| Location: Australia |
|
|
|
|
|
|
but not impossible,
Just because it is closed source, it is still relativley easy to assume certain functions would be suceptible to such things as .. ie: XSS Attacks for starters.
more complex request require understanding of the way they "worded the code" and how do execute a Function.
but it makes the job of searching for vulnerabilities a little bit harder. |
|
|
|
|
| Posted: Mon Jun 28, 2004 12:49 pm |
|
|
| vocal |
| Regular user |
|
|
| Joined: Jun 13, 2004 |
| Posts: 18 |
|
|
|
|
|
|
|
closed -> leaked  |
|
|
|
|
|
btw |
|
| Posted: Tue Jun 29, 2004 3:43 am |
|
|
| icenix |
| Advanced user |
|
|
| Joined: May 13, 2004 |
| Posts: 106 |
| Location: Australia |
|
|
|
|
|
|
| Quote: | | is there any exploits in invision power board that will get the admins md5 hash? |
dont forget terrible one that this is a WhiteHat related forum,
you might mean well but the way you word your messages needs to be altered alittle bit,
were not talking as if its malicious intent |
|
|
|
|
|
|
|
|
| Posted: Tue Jun 29, 2004 5:27 pm |
|
|
| vocal |
| Regular user |
|
|
| Joined: Jun 13, 2004 |
| Posts: 18 |
|
|
|
|
|
|
|
icenix, you bring up an interesting subject.
My question is WHY?
Let me explain. Most people are not white, gray or black hats. They lie somewhere in between. Yet, there is a huge trend around the web to force people into one specific way of thinking. This by itself is incompatible to the spirit of hacking, no matter how you define the word. In any case, hacking is about crossing limits (to good or to bad extend is of his decision). Forcing people to be hypocrites as they way they express, is not a good thing imho.
Why do we fear that if we talk about "illegal" action, we will be in jail?
You have to actually DO illegal actions to be in trouble. Saying you 've done something in a forum, is not going to get you in jail in any court.
So why,the self censoring?
| Quote: |
How do i erase the sql tables in PHPBB?
|
could be well rephrased to ...
| Quote: |
I have an interesting situation on my test server. I 've just setup Apache 2.0.31 with the beta PHP and Oracle and installed the 2.0.6 version of PhpBB. I 've been running some preliminary tests as far as the eploit foo is concearned and I 'm facing a difficulty. I am trying to see if a malicious user could erase the users' table. So far I 've done this and that but it 's pointless. Am I missing something?"
|
which sounds a lot more sofistcated and politically correct.
But why go in to all that trouble anyway? We all know what the first and the second user wants to achive. To erase the sql tables. |
|
|
|
|
|
|
good question |
|
| Posted: Fri Jul 02, 2004 5:39 am |
|
|
| icenix |
| Advanced user |
|
|
| Joined: May 13, 2004 |
| Posts: 106 |
| Location: Australia |
|
|
|
|
|
|
well,
if we didnt censor the forum every tom dick and harry will be telling us about their fantastic stories of breaking into the Government Computer System etc..etc..etc..
you can brag all you like about how many users you hacked and how many computers you pwned but in this forum, you cant.
The way you phrase your Post will reflect on the sort of answer you get.
As a Chinese Proverb Says
"One who asks a question is a fool for five minutes; one who does not ask a question remains a fool forever"
when someone says "How do i erase the tables in PHPBB"
Because this is (SHOULD BE) a Whitehat related forum, i coud of easily just replyed:
| Code: |
Go into your MySQL Server and Format Everything, or go into PHPMyAdmin and Click Wipe Tables etc..etc..etc..
|
but from the tone because no one is listening to the whitehat rule,
i knew better and knew that it was for malicious intent.
to cut it short.
The way you word your answers will reflect on the response you get. |
|
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
