Hi again.
I compiled a source code that cracks\(i think) invision forums.
After i compile + run the script i get some text like this:
0* :02 :*0 and INFOHASH:00000000000 etc
where do i put this code?
Printable View
Hi again.
I compiled a source code that cracks\(i think) invision forums.
After i compile + run the script i get some text like this:
0* :02 :*0 and INFOHASH:00000000000 etc
where do i put this code?
[QUOTE=casman]Hi again.
I compiled a source code that cracks\(i think) invision forums.
After i compile + run the script[/QUOTE]
After you say you "compiled" the script, I assume that the exploit code was given in C code; but if it was a perl script, please state that it is.
[QUOTE]
i get some text like this:
0* :02 :*0 and INFOHASH:00000000000 etc
where do i put this code?[/QUOTE]
To even begin to help you, we need the exact code, or link to the code. That information alone means nothing to me.
Hi , thats the code(php):
[url]http://www.securiteam.com/exploits/5AP0G0KG0A.html[/url]
[QUOTE=casman]Hi , thats the code(php):
[url]http://www.securiteam.com/exploits/5AP0G0KG0A.html[/url][/QUOTE]
Well I only have quickly looked at the code, but forums store users' passwords in a hashed form, so I am assuming this code attempts to grab the hashed password of the user you specify, from the database. As I said, I haven't got time to go through all the code, but that's what it does from what I can see. Once you have this password hash, you then have to crack it (cain & abel can crack a wide variety of hashes); this takes a very long time.
Yeah , but it always return nul value....
In this part of code , i think im doing something wrong
$server = "web"; <---just the website without /forum/ path ??
$port = 80;
$file = "forum???"; <---file ? it means path ? like /forum/ ??
[QUOTE=casman]In this part of code , i think im doing something wrong
$server = "web"; <---just the website without /forum/ path ??
$port = 80;
$file = "forum???"; <---file ? it means path ? like /forum/ ??[/QUOTE]
The $server variable should be set to the address of the site you are targeting, without the path ([url]www.site.com)[/url]. The $file variable should be set to the path to the forum (/forum).
Ok, this time it just times out:
[quote]
Fatal error: Maximum execution time of 60 seconds exceeded in G:\wamp\www\sqInj0y22.PHP on line 72
[/quote]
Line #72
[code]
$header.= fread($fp, 5*2);
[/code]
[QUOTE=casman]Ok, this time it just times out:
Line #72
[code]
$header.= fread($fp, 5*2);
[/code][/QUOTE]
Are you sure the exploit is for the correct version of invision ***rds?