munin
+ Reply to Thread
Results 1 to 9 of 9

Thread: * Question about exploits..

  1. #1
    Join Date
    May 2006
    Posts
    7

    * Question about exploits..

    Hi again.

    I compiled a source code that cracks\(i think) invision forums.

    After i compile + run the script i get some text like this:

    0* :02 :*0 and INFOHASH:00000000000 etc

    where do i put this code?

  2. #2
    Join Date
    Sep 2005
    Posts
    2,053
    Quote Originally Posted by casman
    Hi again.

    I compiled a source code that cracks\(i think) invision forums.

    After i compile + run the script
    After you say you "compiled" the script, I assume that the exploit code was given in C code; but if it was a perl script, please state that it is.

    i get some text like this:

    0* :02 :*0 and INFOHASH:00000000000 etc

    where do i put this code?
    To even begin to help you, we need the exact code, or link to the code. That information alone means nothing to me.
    Who needs drugs when you have electrons?

  3. #3
    Join Date
    May 2006
    Posts
    7
    Hi , thats the code(php):
    [url]http://www.securiteam.com/exploits/5AP0G0KG0A.html[/url]

  4. #4
    Join Date
    Sep 2005
    Posts
    2,053
    Quote Originally Posted by casman
    Hi , thats the code(php):
    [url]http://www.securiteam.com/exploits/5AP0G0KG0A.html[/url]
    Well I only have quickly looked at the code, but forums store users' passwords in a hashed form, so I am assuming this code attempts to grab the hashed password of the user you specify, from the database. As I said, I haven't got time to go through all the code, but that's what it does from what I can see. Once you have this password hash, you then have to crack it (cain & abel can crack a wide variety of hashes); this takes a very long time.
    Who needs drugs when you have electrons?

  5. #5
    Join Date
    May 2006
    Posts
    7
    Yeah , but it always return nul value....

  6. #6
    Join Date
    May 2006
    Posts
    7
    In this part of code , i think im doing something wrong

    $server = "web"; <---just the website without /forum/ path ??
    $port = 80;
    $file = "forum???"; <---file ? it means path ? like /forum/ ??

  7. #7
    Join Date
    Sep 2005
    Posts
    2,053
    Quote Originally Posted by casman
    In this part of code , i think im doing something wrong

    $server = "web"; <---just the website without /forum/ path ??
    $port = 80;
    $file = "forum???"; <---file ? it means path ? like /forum/ ??
    The $server variable should be set to the address of the site you are targeting, without the path ([url]www.site.com)[/url]. The $file variable should be set to the path to the forum (/forum).
    Who needs drugs when you have electrons?

  8. #8
    Join Date
    May 2006
    Posts
    7
    Ok, this time it just times out:

    Fatal error: Maximum execution time of 60 seconds exceeded in G:\wamp\www\sqInj0y22.PHP on line 72

    Line #72
    Code:
        $header.= fread($fp, 5*2);

  9. #9
    Join Date
    Sep 2005
    Posts
    2,053
    Quote Originally Posted by casman
    Ok, this time it just times out:




    Line #72
    Code:
        $header.= fread($fp, 5*2);
    Are you sure the exploit is for the correct version of invision ***rds?
    Who needs drugs when you have electrons?

+ Reply to Thread

Similar Threads

  1. RFI Exploits
    By mikemad23 in forum General discussion
    Replies: 1
    Last Post: 03-23-2008, 10:24 PM
  2. Finding Exploits
    By Moonbat in forum Programming
    Replies: 10
    Last Post: 11-07-2007, 06:41 PM
  3. Exploits
    By RamsesXIII in forum Internet Privacy
    Replies: 9
    Last Post: 02-17-2006, 03:13 PM
  4. exploits to hack sites
    By Bighomedog11 in forum Internet Privacy
    Replies: 6
    Last Post: 02-14-2006, 09:01 AM
  5. need help to open exploits
    By franck_888 in forum Internet Privacy
    Replies: 3
    Last Post: 11-22-2005, 05:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts