Sign in to follow this  
Followers 0
pinoy_ako

gaining root access to a forum?

9 posts in this topic

hey guys can you give me some advice or tips on how to gain root access to a forum?

a got this info about them,is der anything usefull to exploit them?

http://www.victimsite.org was running Apache on Linux when last queried at 9-Apr-2009 08:23:22 GMT

OS Server Last changed IP address Netblock Owner

Linux Apache 5-Apr-2009 00.00.000.000 LeaseWeb

Linux Apache 5-Jan-2009 00.00.000.000 LeaseWeb

LInux Apache 2-Oct-2008 00.00.000.000 LeaseWeb

Linux Apache 1-Oct-2008 00.00.000.000 LeaseWeb

Linux Apache 28-Jun-2008 00.00.000.000 LeaseWeb

Linux Apache 25-May-2008 208.110.67.101 PC RANGE PTY LTD

Linux Apache 26-Feb-2008 208.110.67.101 PC RANGE PTY LTD

Linux Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_gzip/1.3.26.1a FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a 4-Jul-2007 208.110.67.101 WholeSale Internet

Linux Apache 25-Jun-2007 72.232.251.174 Layered Technologies, Inc.

Linux Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a PHP-CGI/0.1b 23-Jan-2007 216.246.91.247 Server Central Network

i also did some traceroute:

00.00.000.000 is from Netherlands(NL) in region Western Europe

TraceRoute to 00.00.000.000 [www.victimsite.org]

Hop (ms) (ms) (ms) IP Address Host name

1 9 7 6 72.249.0.65 -

2 6 6 6 8.9.232.73 xe-5-3-0.edge3.dallas1.level3.net

3 6 9 11 4.68.19.69 ae-23-79.car3.dallas1.level3.net

4 7 7 6 4.68.63.194 -

5 27 30 28 213.248.80.145 atl-bb1-link.telia.net

6 40 63 72 80.91.248.138 ash-bb1-link.telia.net

7 128 128 125 213.248.65.209 ldn-bb2-pos6-0-0.telia.net

8 124 134 136 80.91.250.62 adm-bb2-link.telia.net

9 126 124 128 80.91.254.133 adm-b2-link.telia.net

10 147 125 124 80.91.248.246 adm-evo-i2-link.telia.net

11 138 130 131 213.248.88.198 leaseweb-ic-126777-adm-evo.c.telia.net

12 130 132 127 85.17.100.226 po100.sr1.evo.leaseweb.net

13 130 139 136 00.00.000.000 www.victimsite.org

Trace complete

and another:

Retrieving DNS records for www.victimsite.org...

DNS servers

ns2.hakipedia.org

ns1.hakipedia.com [00.00.000.140]

Answer records

victimsite.org 1 SOA server: localhost

email: someone@gmail.com

serial: 1213292811

refresh: 10800

retry: 3600

expire: 604800

minimum ttl: 38400

38400s

victimsite.org 1 NS ns1.hakipedia.com 38400s

victimsite.org 1 NS ns2.hakipedia.org 38400s

victimsite.org 1 A 00.00.000.000 38400s

Authority records

Additional records

ns1.hakipedia.com 1 A 00.00.000.000.140 38400s

Domain ID:D106761826-LROR

Domain Name:victimsite.ORG

Created On:29-Jun-2005 16:16:21 UTC

Last Updated On:13-Jun-2008 23:46:56 UTC

Expiration Date:29-Jun-2009 16:16:21 UTC

Sponsoring Registrar:GoDaddy.com, Inc. (R91-LROR)

Status:CLIENT DELETE PROHIBITED

Status:CLIENT RENEW PROHIBITED

Status:CLIENT TRANSFER PROHIBITED

Status:CLIENT UPDATE PROHIBITED

Registrant ID:GODA-034273842

Registrant Name:Registration Private

Registrant Organization:Domains by Proxy, Inc.

Registrant Street1:DomainsByProxy.com

Registrant Street2:15111 N. Hayden Rd., Ste 160, PMB 353

Registrant Street3:

Registrant City:Scottsdale

Registrant State/Province:Arizona

Registrant Postal Code:85260

Registrant Country:US

Registrant Phone:+1.4806242599

Registrant Phone Ext.:

Registrant FAX:+1.4806242598

Registrant FAX Ext.:

Registrant Email:victimsite.ORG@domainsbyproxy.com

Admin ID:GODA-234273842

Admin Name:Registration Private

Admin Organization:Domains by Proxy, Inc.

Admin Street1:DomainsByProxy.com

Admin Street2:15111 N. Hayden Rd., Ste 160, PMB 353

Admin Street3:

Admin City:Scottsdale

Admin State/Province:Arizona

Admin Postal Code:85260

Admin Country:US

Admin Phone:+1.4806242599

Admin Phone Ext.:

Admin FAX:+1.4806242598

Admin FAX Ext.:

Admin Email:victimsite.ORG@domainsbyproxy.com

Tech ID:GODA-134273842

Tech Name:Registration Private

Tech Organization:Domains by Proxy, Inc.

Tech Street1:DomainsByProxy.com

Tech Street2:15111 N. Hayden Rd., Ste 160, PMB 353

Tech Street3:

Tech City:Scottsdale

Tech State/Province:Arizona

Tech Postal Code:85260

Tech Country:US

Tech Phone:+1.4806242599

Tech Phone Ext.:

Tech FAX:+1.4806242598

Tech FAX Ext.:

Tech Email:victimsite.ORG@domainsbyproxy.com

Name Server:NS1.HAKIPEDIA.COM

Name Server:NS2.HAKIPEDIA.COM

Name Server:

Name Server:

Name Server:

Name Server:

Name Server:

Name Server:

Name Server:

Name Server:

Name Server:

Name Server:

Name Server:

anything usefull to exploit the site?

and how will know the real name of the people using der phone numbers?

thanks guys in advance...

0

Share this post


Link to post
Share on other sites

sori about dat bro,,,hehehe,, so wats the answer to the question? wats the 1st step to exploit the site? god speed guys... :D

0

Share this post


Link to post
Share on other sites
sori about dat bro,,,hehehe,, so wats the answer to the question? wats the 1st step to exploit the site? god speed guys... :D

The first step is to actually learn how a forum you're exploiting works, how the vulnerability works, and then learn how the exploit you want to use works.

0

Share this post


Link to post
Share on other sites

ah ok thanks bro,, can you recommend a site or tutorials on how to do all of these thing from start to finish? coz im new to hacking all i know is the basic one.. i appreciate your help, god speed bro...

0

Share this post


Link to post
Share on other sites
ah ok thanks bro,, can you recommend a site or tutorials on how to do all of these thing from start to finish? coz im new to hacking all i know is the basic one.. i appreciate your help, god speed bro...

There is no such thing as a tutorial that will guide you "start to finish". You seem not to know at all what hacking is about, so before you do anything, read this: http://www.catb.org/~esr/faqs/hacker-howto.html

0

Share this post


Link to post
Share on other sites

The tutorial is called Google. or you could simply find out what forum system they are running, download a copy of it, break apart the code to find vulnerabilities and then you can start your attacks.

Failing that you can take the route of the SK and download some tools (not recommended IMO) but there are too many scum in the world who do take this route.

But truthfully, read, learn, hack is the way it works.

0

Share this post


Link to post
Share on other sites

How did this not get reported? Come on guys, if no mods are awake, use the Report! button at the bottom there.

This is clearly against the rules and guidelines. Also see this post about intent.

Topic closed.

0

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0