kayvan

Viewing private forums!

13 posts in this topic

Hi

this is my first post here!

i was googling the whole day for this but I gain nothing! Is it possible to access private areas of a forum which is not allowed for you?

sometimes you need to pay to get some info from a private forum! Can google crawl into these places? I tried some google searchs (like site intext intitle and ...) but I couldn't get what I want! so any suggestions?

(i'm sorry for my bad english. its not my native lang!)

regards!

1

Share this post


Link to post
Share on other sites

if google can crawl the forums, you can too. Some forums which require registration or subscription are configured to allow googlebot entry to create listings in google which will cause people searching for answers to come and sign up / subscribe. For instance, BinRev allows googlebot to access the Member's Only forums (but not the subscription / position based forums) [Reference] so that the information there will be indexed, but people who come should sign up and hopefully stay (or just use google cache)

This can be used to your advantage if the forums you seek are configured this way (although from your post I don't think they are) by tricking the site into thinking that you are the googlebot. This is achieved using User Agent spoofing, a quick search on a search engine should give you the details of many ways to do it for your browser, and GoogleBot's User Agent string...

Edited by n3xg3n
0

Share this post


Link to post
Share on other sites

this works wonderfully on many poorly configured pay porn fourms out there

0

Share this post


Link to post
Share on other sites

Checkout BeTheBot , supposedly lets you view sites like Google/Yahoo does.

0

Share this post


Link to post
Share on other sites

n3xg3n is right. We allow google to browse some forums as read only. At best, by spoofing googlebot, you would just be able to read and not post. googlebot has no posting privileges. :P

If you want to spoof google bot just to read the registered area of binrev just to see the posts there...why not just register? It is free.

googlebot cannot browse any of our moderators or donors areas. They are whitelist only.

0

Share this post


Link to post
Share on other sites
Checkout BeTheBot , supposedly lets you view sites like Google/Yahoo does.

Its very simple to change your user agent in Firefox. Just do a little bit of googleing.

Here is one example from: http://www.tech-recipes.com/rx/1135/firefox_change_user_agents_access_content

If you don't want to download user agent switcher then you can also do this:

In the adderss bar type in
about:config


Then scroll down till you find (you can also use the filter feature)
"general.useragent.extra.firefox"
Double click on it and type in "Googlebot 2.1". Now this will change your user agent to the google bot. To change the user agent back to the original one just right click and click Reset.

But make sure you remember to change it back... You will get some weird ass shit happening on some sites...

0

Share this post


Link to post
Share on other sites
googlebot cannot browse any of our moderators or donors areas. They are whitelist only.

This is exactly what i'm tryin to do!

I tried that useragent thing. tried BeTheBot too. but no use. Is this means that there is no way to do this? oh, except trying to get a moderator's password!

0

Share this post


Link to post
Share on other sites

OR YOU COULD DONATE TO THE FORUM

0

Share this post


Link to post
Share on other sites

Because forums are usually built on top of a database and there are no specific files for each area, gaining access to a restricted area is not a matter of getting to see a protected file but a matter of gaining access to the database with permissions higher than the ones you usually have.

It's not a question of browser agent but one of credentials: username and password.

stealing cookies, sniffing passwords, capturing an active session, sql injection, xss to capture passwords, and bruteforce cracking of the password are some of possible attack vectors to gain access to a restricted area.

0

Share this post


Link to post
Share on other sites

Just as a general statement: Hacking a hacking forum is not usually a good idea. :nono: If you mess with the dawg, you may get bit.

0

Share this post


Link to post
Share on other sites

From my understanding, he wasn't referring to Binrev at all. He was asking about breaking into a forum that is private, and n3xg3n just used Binrev as an example of how some forums might be configured.

You could try to find a vulnerability in the specific forum software that the board uses. If it is a custom board, it may be poorly coded and you may have an easier time finding something just by doing your own research.

bethebot.com:

1) First, find the URL of the site you want to visit. It can be found in the "Address" bar of your internet explorer.

Guess I'll have to download wine.

Edited by Hembree
0

Share this post


Link to post
Share on other sites

hey guys

yeah, i think i have to find a vulnerability or something. but are there any sources for this? somewhere that reports vulnerabilities in web apps. and i dont want to use vulnerability scanners. duper thanks for the link. and Hembree is right. i'm not trying to hack this forums! i'm not a pro! just trying to learn something. thats all!

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now