how do you hack Strongbox secured sites?
Views: 5585 - Replies: 19
|
01-08-2006, 03:21 PM
|
#2
|
The sPlicster
sPlico is offline
Join Date: Jan 2005
Location: Croatia
Posts: 9,487
Threads: 408
|
Answered at least 100 times. Some sites have the "bluff" mode on, which makes them normal forms. Other are exploited.
|
|
|
01-08-2006, 04:05 PM
|
#3
|
Guest
|
thanks for fast answer (sorry if its been up that many...)
I'm only experienced in bruteforcing... so by exploiting, what do you mean exactly? something like searching for .cgi files (what are those?)? with which software (accessdiver?)?
thank you for your help
|
|
|
01-08-2006, 07:28 PM
|
#4
|
Cheshire Cat
slysnake is offline
Join Date: Jan 2005
Posts: 5,507
Threads: 315
|
Quote:
I'm only experienced in bruteforcing... so by exploiting, what do you mean exactly
|
It seems you know more than you are letting on. ;)
__________________
"How do you know I'm mad?" said Alice.
"You must be," said the Cat, "or you wouldn't have come here."
|
|
|
01-09-2006, 04:39 AM
|
#5
|
Platinum Exploiter
daemon.azazel is offline
Join Date: Aug 2005
Location: Eastern Europe
Posts: 1,324
Threads: 104
|
yes many sites equipped by strongbox was exploited
because of their relationship to AWW cms, both products
are supplied in one pack.
strongbox + AWW is very same as sparta + NATS
|
|
|
01-09-2006, 06:23 AM
|
#6
|
Guest
|
well hit 'karisweets.com' with +-5000 combos, not gonna waste any more proxies on trying bruteforce, probably isnt fake OCR but the real deal (I thought C-force can hack Strongbox, see's a difference in reply, thought someone in pass section said he does it with C-force, but never worked for me)
any clarification on AWW cms, sparta + NATS, cause that doesn't ring a bell for me...
thanks for your excellent expertise ;)
|
|
|
01-09-2006, 09:59 AM
|
#7
|
The sPlicster
sPlico is offline
Join Date: Jan 2005
Location: Croatia
Posts: 9,487
Threads: 408
|
Quote:
Originally Posted by daemon.azazel
yes many sites equipped by strongbox was exploited
because of their relationship to AWW cms, both products
are supplied in one pack.
strongbox + AWW is very same as sparta + NATS
|
Well, even more of them got exploited because of the certain "combos" :P
|
|
|
01-09-2006, 06:33 PM
|
#8
|
Exploiter
FlowerHorn is offline
Join Date: Nov 2005
Location: Vietnam
Posts: 760
Threads: 353
|
Like sPlico mention before, some strongbox ocr sites are "bluff", which isn't fake because it does require the post data <code> reading along with the user/pass. For example, karisweets and ravenriley are non-bluff, therefore, you trying to bf it won't work. Some ocr sites work with c-force if you use cookie manipulation, but that's another story :)
lol @ sPlico, "certain combos" I know what you u are saying there bro :)
|
|
|
01-10-2006, 10:49 AM
|
#9
|
Site Cracker
grzesiek is offline
Join Date: Jan 2005
Location: Poland
Posts: 489
Threads: 60
|
karisweets.com has generated passes, only few are user chosen
and yes, it has ocr on. the good thing is you don't need any "certain combos"
(me sure daemon knows what i mean)
|
|
|
01-10-2006, 03:16 PM
|
#10
|
Guest
|
so something like exploiting: find the .cgi file, which contains passes, decrypt it and so on...?
(been reading on the forum, but not yet found how and with what best..., but will search some more later...)
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Thread Tools |
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -4. The time now is 12:31 AM. |
|
|
|
|