Waraxe IT Security Portal
Login or Register
November 21, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 58
Members: 0
Total: 58
Full disclosure
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
4 vulnerabilities in ibmsecurity
32 vulnerabilities in IBM Security Verify Access
xlibre Xnest security advisory & bugfix releases
APPLE-SA-10-29-2024-1 Safari 18.1
SEC Consult SA-20241030-0 :: Query Filter Injection in Ping Identity PingIDM (formerly known as ForgeRock Identity Management) (CVE-2024-23600)
SEC Consult SA-20241023-0 :: Authenticated Remote Code Execution in Multiple Xerox printers (CVE-2024-6333)
APPLE-SA-10-28-2024-8 visionOS 2.1
APPLE-SA-10-28-2024-7 tvOS 18.1
APPLE-SA-10-28-2024-6 watchOS 11.1
APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1
APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpBB -> I Know Nothing About Hacking, So I Could Use Some Help
Post new topicReply to topic View previous topic :: View next topic
I Know Nothing About Hacking, So I Could Use Some Help
PostPosted: Sat Jul 26, 2008 11:25 am Reply with quote
OneBigDummy
Regular user
Regular user
Joined: Jul 26, 2008
Posts: 6




I want to hack a PhpBB board. I think it's a very old board, as the latest copyright date is 2002.

These guys are the ultimate trolls. Heck, that's the whole premise of the board. Then they run back to the board I want to hack and yuck it up.

I tried this thread, but no luck: http://www.waraxe.us/ftopict-1594.html

I'll give you any details you need. I'll will even pay to get the job done right and without detection. Just let me know.
View user's profile Send private message
PostPosted: Sat Jul 26, 2008 11:37 am Reply with quote
lenny
Valuable expert
Valuable expert
Joined: May 15, 2008
Posts: 275




Find the version number - the specific version number. You can generally do this by going to the target url folowed by "/docs/CHANGELOG.html" and finding the last entry and work out the current version Smile

Once you have this, come back and we can talk a little more.
View user's profile Send private message
PostPosted: Sat Jul 26, 2008 11:42 am Reply with quote
OneBigDummy
Regular user
Regular user
Joined: Jul 26, 2008
Posts: 6




Be gentle with me here, because I know absolutely zilch about hacking/defacing. This is a pure revenge job on my part.

Here is the URL:

http://************.com/phpBB2/

I assume you mean it should say:

http://************.com/phpBB2/docs/CHANGELOG.HTML

When I put that in I get a "404 Not Found" error. Question


EDIT: I see I can't post the link to the site, so I edited it.
View user's profile Send private message
PostPosted: Sat Jul 26, 2008 11:49 am Reply with quote
lenny
Valuable expert
Valuable expert
Joined: May 15, 2008
Posts: 275




Hmmm... well revenge hacking dosen't really meet with my moral standings, nor should I really be helping you hack for pure revenge... but I will continue.

Firstly, Waraxe won't like you posting vulnerable URLs, so you better get rid of it (which I doubt).

Firstly, the community is a large one. Large communities generally will take care to protect themselves, and the admin obviously has some sense otherwise the Docs directory would still be there.

I found this:
Quote:
This is unrelated to your current problem but it looks like you've missed some phpBB updates, or at least your FI Black 3D template hasn't been updated. The following:

Quote:
Powered by phpBB © 2001, 2002 phpBB Group


Should look more like this:

Quote:
Powered by phpBB © 2001, 2005 phpBB Group


That change occurred in the 2.0.11 to 2.0.12 phpBB update...


Now that implies to me that the version must be around 2.0.11 or so. Hopefully. Maybe look around for exploits for those versions (I know there are a few) and try some of them out?


Edit: Hang on, Just doing some research into exploits... It seems you already tried a 2.0.11 exploit to no result...
View user's profile Send private message
PostPosted: Sat Jul 26, 2008 11:55 am Reply with quote
OneBigDummy
Regular user
Regular user
Joined: Jul 26, 2008
Posts: 6




When I used the link I put in my original post (http://www.waraxe.us/ftopict-1594.html), I could get to step seven before the page I was trying to hack just kept refreshing itself. Although it wasn't in the instructions, I'd have to hit the "Replay" button before I could edit.

I edited the URL out of the other post. If you read some of the posts on that board, however, you'll see that they are pretty deserving of whatever comes to them.
View user's profile Send private message
PostPosted: Sat Jul 26, 2008 12:01 pm Reply with quote
OneBigDummy
Regular user
Regular user
Joined: Jul 26, 2008
Posts: 6




I apologize for the double post, but I found it!!!

2.0.5
View user's profile Send private message
PostPosted: Sat Jul 26, 2008 12:07 pm Reply with quote
lenny
Valuable expert
Valuable expert
Joined: May 15, 2008
Posts: 275




Brilliant! Now set about finding exploits Twisted Evil
View user's profile Send private message
PostPosted: Sat Jul 26, 2008 12:13 pm Reply with quote
OneBigDummy
Regular user
Regular user
Joined: Jul 26, 2008
Posts: 6




Would I have to use exploits specifically for 2.0.5? I did a search and only found one link with "2.0.5" in the title. Confused

If I can use others, would I use earlier or later versions?
View user's profile Send private message
PostPosted: Sat Jul 26, 2008 12:23 pm Reply with quote
lenny
Valuable expert
Valuable expert
Joined: May 15, 2008
Posts: 275




Try and find exploits specific for 2.0.5... however some exploits from a few builds beforehand may also work. Just try Googling "phpbb 2.0.5 exploits" and do some research Smile
View user's profile Send private message
PostPosted: Sat Jul 26, 2008 12:31 pm Reply with quote
OneBigDummy
Regular user
Regular user
Joined: Jul 26, 2008
Posts: 6




I read the documentation for the 2.0.5 exploits, but honestly it's all jibberish to me. I really don't understand it. Sorry for being such a pain, but I'm going to keep trying, even if it takes me months with this little topic. Please be patient.
View user's profile Send private message
I Know Nothing About Hacking, So I Could Use Some Help
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.061 Seconds