Hack Forums

Hack Forums > Hacks, Exploits, and Various Discussions > Website and Forum Hacking > Hacking IPB tut (With pic)
Full Version: Hacking IPB tut (With pic)
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4 5 6 7 8 9 10 11 12

romeoz450

08-22-2008, 02:35 AM
Well There are so many ways to hack "Powered by invision power board" . But Im going to use the easy one .. ok lets start

What we need?
Code:
Opera : http://www.opera.com/download/
Perl : http://downloads.activestate.com/ActivePerl/Windows/5.8/ActivePerl-5.8.7.813-MSWin32-x86-148120.msi
Exploit : http://www.sendspace.com/file/iny0qq


Lets Start

1st you have to install Opera and perl

and after that run the Exploit with perl . and then you will get something like this

[Image: see2xw3.png]

ok this will Work on

Powered by invision power board v2.1.4
Powered by invision power board v2.1.5
Powered by invision power board v2.1.6
Powered by invision power board v2.1.3

so lets find a website

goto google and type one of those in the top

and you will get bunch of sites choose one

[Image: see4.jpg]

and paste the link to forum in " Path to forum index" And click "Test forum vulnerability"

[Image: see5.jpg]


if Site work with the exploit it will give something like this
[Image: see5.jpg]

if the site Docent work it will give somthing like this so then you have to choose a another site

[Image: see6.jpg]

Now change the User ID to admins ID most of times user id will be 1 or 2

[Image: 1-6.jpg]

if everything is good click “Get date from database”
a hash should pop up where it says “Returned date:” (note: you cant crack this hash you can only cookie spoof all the hash’s will be salted)

Now you have the hash ! now whats left to do is to login in with admin or whatever user you choose.

First go to your vulnerable website and register enter all the information needed preferably not entering real info. ( if your not a retard )

Set a random username like : plorlt
set an email like: a@hotmail.com ( it doesn’t have to be real I have a way of getting it without doing the email verify)

when it says an email has been sent to blabla just go back to the forum index and login.
When your in go to tools>advanced>cookies… now you need to find the vulnerable sites cookie you need to be logged in !
When you get to that cookie simple open the file and edit the Hash with the one you got with the exploit, and edit the member_id to whichever one you use to get the hash.

Then delete everything else in the cookie only member_id and hash is needed.

Click ok and refresh the page you should be logged in as your target !


Hope this will help you . And if you have any problem with the tut pm me .Thanks

romeoz450

08-23-2008, 08:44 AM
no reply ?

darkhack

08-23-2008, 08:49 AM
SEXY. Thanks for this man might try it later

romeoz450

08-23-2008, 10:47 AM
Sexy ???? ha ?? what the hell means that ?

scofield

08-23-2008, 04:08 PM
Exploit : http://www.sendspace.com/file/iny0qq

This have virus!

romeoz450

08-23-2008, 05:24 PM
look for your self its not a Virus
http://www.virustotal.com/analisis/95183...567dcf6b83

Code:
ntivirus      Version      Last Update      Result
AhnLab-V3    2008.8.21.0    2008.08.22    -
AntiVir    7.8.1.23    2008.08.23    -
Authentium    5.1.0.4    2008.08.23    -
Avast    4.8.1195.0    2008.08.23    VBS:Malware-gen
AVG    8.0.0.161    2008.08.23    -
BitDefender    7.2    2008.08.23    Trojan.Exploit.Perl.Board.C
CAT-QuickHeal    9.50    2008.08.22    -
ClamAV    0.93.1    2008.08.23    -
DrWeb    4.44.0.09170    2008.08.23    Exploit.phpBB
eSafe    7.0.17.0    2008.08.21    -
eTrust-Vet    31.6.6044    2008.08.23    -
Ewido    4.0    2008.08.23    -
F-Prot    4.4.4.56    2008.08.23    -
F-Secure    7.60.13501.0    2008.08.23    Exploit.Perl.Board.c
Fortinet    3.14.0.0    2008.08.23    -
GData    2.0.7306.1023    2008.08.20    Exploit.Perl.Board.c
Ikarus    T3.1.1.34.0    2008.08.23    -
K7AntiVirus    7.10.427    2008.08.23    -
Kaspersky    7.0.0.125    2008.08.23    Exploit.Perl.Board.c
McAfee    5368    2008.08.22    Perl/Exploit.gen
Microsoft    1.3807    2008.08.23    -
NOD32v2    3382    2008.08.23    Perl/Exploit.Board.C
Norman    5.80.02    2008.08.22    -
Panda    9.0.0.4    2008.08.23    -
PCTools    4.4.2.0    2008.08.23    Exploit.Perl.Board.c
Prevx1    V2    2008.08.23    -
Rising    20.58.52.00    2008.08.23    Hack.Exploit.Perl.Board.f
Sophos    4.32.0    2008.08.23    -
Sunbelt    3.1.1575.1    2008.08.23    -
Symantec    10    2008.08.23    -
TheHacker    6.3.0.6.060    2008.08.23    -
TrendMicro    8.700.0.1004    2008.08.23    PERL_Generic
VBA32    3.12.8.4    2008.08.23    Exploit.Perl.Board.c
ViRobot    2008.8.22.1346    2008.08.22    -
VirusBuster    4.5.11.0    2008.08.23    -
Webwasher-Gateway    6.6.2    2008.08.23    -


its a Exploit.Perl.Board.c Not a Virus .

Sven17

08-23-2008, 05:30 PM
DrWeb 4.44.0.09170 2008.08.23 Exploit.phpBB ? OMG this AV is 200%crap

anyway this is not virus!!
and why should we use opera?

romeoz450

08-23-2008, 05:38 PM
because its easy to edit cookies !

Sven17

08-23-2008, 05:39 PM
FireFox = better )

romeoz450

08-23-2008, 05:42 PM
yah ! if you want you can use firefox .. it dependz on you ! I just tald what to do .. if there any changers you can do . do for your own

anywasy ! I know firefox is better than opera ..Oui
Pages: 1 2 3 4 5 6 7 8 9 10 11 12
Hack Forums > Hacks, Exploits, and Various Discussions > Website and Forum Hacking > Hacking IPB tut (With pic)
Reference URL's