Go4Expert

Go4Expert (http://www.go4expert.com/)
-   Ethical hacking (http://www.go4expert.com/forums/ethical-hacking-forum/)
-   -   My Forum Exploit!! (I coded a tool) (http://www.go4expert.com/forums/forum-exploit-i-coded-tool-t16270/)

Systemerror 19Feb2009 20:03

My Forum Exploit!! (I coded a tool)
 
See that login prompt? that is an example of what this software can do (please don't bann me I just used that as an example)...,

http://hackersparadise.synthasite.co...expScreeny.jpg

This exploit is something I discovered whilst trying to find certain vulnerabillities on forums, the way this works is via the http access manipulation, URL encoding and injection.

So what does it do?

This tool uses a weakness in almost all forums, that is, the way BBCode is used, the way it handles file extensions, and the way they don't use propper input checking bounds which ultimately is one big flaw, now for example, you can use this tool for two reasons, one of which is to be destructive, flood forums with pop-ups, use your actual target do DDoS another target to get thousands of people to attempt to login, causing a major DoS etc, or the better option is, you can use this tool as a great way for phishing, stealing login information and sending it back to yourself, you would need some scripting knowledge to do this but nothing too difficult.., in-fact there is a lot more that can be done with this, it just takes a little imagination, though it comes with a lot of help if you're struggling.

System requirements:

Windows 32 (XP or above)
.NET 3.5

Go to my site on software page for more info [SEE SIGNITURE LINK]:

Also, I've nearly finished uploading a youtube video tut, i'll out on here once finished.

SpOonWiZaRd 19Feb2009 20:27

Re: My Forum Exploit!! (I coded a tool)
 
very coooooooooooooooooooooool!

Systemerror 19Feb2009 20:32

Re: My Forum Exploit!! (I coded a tool)
 
Yeah it's pretty sweet huh, Ohh I uploaded a youtube vid

http://www.youtube.com/watch?v=RtGuMtiPVWk

shabbir 19Feb2009 21:17

Re: My Forum Exploit!! (I coded a tool)
 
You linked to an image which needs a password to view and so I edited your code

shabbir 19Feb2009 21:41

Re: My Forum Exploit!! (I coded a tool)
 
Forgot to add. Does this goes as Ethical ? Please justify and I would not mind having it here.

indiansword 19Feb2009 22:21

Re: My Forum Exploit!! (I coded a tool)
 
Quote:

Originally Posted by SpOonWiZaRd (Post 43178)
very coooooooooooooooooooooool!


it isnt new AT ALL!!!! its called BASIC AUTH PASS... google it and learn LOL... :thinking:

indiansword 20Feb2009 20:37

Re: My Forum Exploit!! (I coded a tool)
 
lol everyone regretting>?


All times are GMT +5.5. The time now is 00:36.