 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
[Help] How to hack PHPBB 2.0.21 |
 |
 Posted: Sat Nov 24, 2007 11:14 pm |
 |
|
| 3ri0n |
| Regular user |
 |
|
| Joined: Nov 25, 2007 |
| Posts: 8 |
|
|
|
 |
|
 |
|
Hello all
i dont speak Very good english 
But,i will hack a PhpBB 2.0.21
have you a vulnerable?
Thnx |
|
|
|
|
| Posted: Sat Nov 24, 2007 11:20 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| Phpbb 2.0.21 does not contain any big security holes, as far as i know. There can be vulnerable MOD-s available, or you can try to find colocated websites on the same server and use them as kind of "backdoor" ... |
|
|
|
|
| Posted: Sat Nov 24, 2007 11:22 pm |
|
|
| 3ri0n |
| Regular user |
|
|
| Joined: Nov 25, 2007 |
| Posts: 8 |
|
|
|
|
|
|
|
this site does not have any mod installed :s
But, i have a SQL of this web
Sql backup |
|
|
|
|
| Posted: Sun Nov 25, 2007 1:53 am |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| 3ri0n wrote: | this site does not have any mod installed :s
But, i have a SQL of this web
Sql backup |
If you really have sql dump from that site, then you should have all the usernames and password hashes in your possession, even from admin(s).
In this case - post you hash(es) here and let's try to crack them  |
|
|
|
|
| Posted: Sun Nov 25, 2007 2:31 am |
|
|
| 3ri0n |
| Regular user |
|
|
| Joined: Nov 25, 2007 |
| Posts: 8 |
|
|
|
|
|
|
|
oki i upload this SQL 
http://www.speedyshare.com/96976557.html
here you hav all MD5
i need admin and Moderator
PLZ MAN PLZ
you are the best
PS:
'f05fa9f306d04f0b7efaf79f50045f90'
'21d22b350f4b261d17e17579a00f753c',
'8baf20812a3c5ff2855155a4c731e378'
'bf06f461b23e55a72437c6406e8081cb'
THANX |
|
Last edited by 3ri0n on Tue Nov 27, 2007 3:52 pm; edited 1 time in total |
|
|
|
| Posted: Sun Nov 25, 2007 1:06 pm |
|
|
| 3ri0n |
| Regular user |
|
|
| Joined: Nov 25, 2007 |
| Posts: 8 |
|
|
|
|
|
|
|
PLZ help me
', 'f05fa9f306d04f0b7efaf79f50045f90'
'21d22b350f4b261d17e17579a00f753c',
', '8baf20812a3c5ff2855155a4c731e378'
', 'bf06f461b23e55a72437c6406e8081cb' |
|
|
|
|
| Posted: Sun Nov 25, 2007 1:54 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
Here is one one hash I was able to crack:
8455f5f775c3d9a568bc2f23bb0b32f7 plaintext is c4l1n4z1
It seems to be belonging to admin-level user, so you probably can log-in and do whatever you want |
|
|
|
|
| Posted: Sun Nov 25, 2007 2:25 pm |
|
|
| 3ri0n |
| Regular user |
|
|
| Joined: Nov 25, 2007 |
| Posts: 8 |
|
|
|
|
|
|
|
Thanx Thanx Man i test this later
and other MD5?
Thanx |
|
|
|
|
| Posted: Sun Nov 25, 2007 2:36 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| 3ri0n wrote: | Thanx Thanx Man i test this later
and other MD5?
Thanx |
I have many hashes right now cracking in my PC, so maybe something else will come out later. But try out that pasword, i gave you - if it's working admin pass, then you don't need anything else - because if you are admin, then you can promote any other user to admin level or change any user password if needed |
|
|
|
|
| Posted: Sun Nov 25, 2007 3:03 pm |
|
|
| 3ri0n |
| Regular user |
|
|
| Joined: Nov 25, 2007 |
| Posts: 8 |
|
|
|
|
|
|
|
this forum have a Htacces  in Cpanel |
|
|
|
|
| Posted: Mon Nov 26, 2007 4:50 pm |
|
|
| 3ri0n |
| Regular user |
|
|
| Joined: Nov 25, 2007 |
| Posts: 8 |
|
|
|
|
|
|
|
Have you a Vulnerable for
PHPBB 2.0.21 |
|
|
|
|
| Posted: Thu Mar 06, 2008 7:12 pm |
|
|
| Dorsk |
| Regular user |
|
|
| Joined: Aug 28, 2007 |
| Posts: 20 |
|
|
|
|
|
|
|
I was looking through a forum and when I clicked on a user, then clicked on the "show all posts from this user" I got this (edited code for safety):
| Code: |
Parse error: syntax error, unexpected '}' in /home/xxxx/public_html/xxxxxx/forums/includes/template.php(127) : eval()'d code on line 39
|
Is there anything that can be done with this?
PHPBB Version 2.0.21 |
|
|
|
|
|
|
|
|
| Posted: Thu Mar 06, 2008 8:55 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| Dorsk wrote: | I was looking through a forum and when I clicked on a user, then clicked on the "show all posts from this user" I got this (edited code for safety):
| Code: |
Parse error: syntax error, unexpected '}' in /home/xxxx/public_html/xxxxxx/forums/includes/template.php(127) : eval()'d code on line 39
|
Is there anything that can be done with this?
PHPBB Version 2.0.21 |
Nope, you don't have attack vector, so you can't do anything useful.
This error message points to the fact, that webmaster was editing one of the template files and caused that error. |
|
|
|
|
| Posted: Fri Mar 07, 2008 6:46 pm |
|
|
| Dorsk |
| Regular user |
|
|
| Joined: Aug 28, 2007 |
| Posts: 20 |
|
|
|
|
|
|
|
| waraxe wrote: |
Nope, you don't have attack vector, so you can't do anything useful.
This error message points to the fact, that webmaster was editing one of the template files and caused that error. |
Thanks for the input waraxe. I will keep on searching! |
|
|
|
|
| Posted: Sat Jun 12, 2010 2:43 am |
|
|
| anngoc |
| Beginner |
|
|
| Joined: Jun 12, 2010 |
| Posts: 1 |
|
|
|
|
|
|
|
can you guys help me hack this forum:http://diendan.thpt-nbk.net/.
that's my old school's forum!!At Vietnam |
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 88
Members: 0
Total: 88
