Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

could someone help me...


ghost's Avatar
0 0

could someone help me find out how to get pass's to really ez looking admin areas like… this one for example http://www.preciouscats.net/vieraskirjat/gbookblue.php?id=admin just looking for help not showing me how to do every step… unless u want ;) but if you dont want to dont waste my time or yours replying "Your a damn idiot mate" ;) cause im not askin u to tell me how to hack a site.. just need help on gettin a pass

thx


ghost's Avatar
0 0

I looked at it for a second and saw that in the souce is gives you a couple session ID's. If you input one of those onto your cookie, you could be an admin. I also saw that you could use sql injection, but I am not to good at that


ghost's Avatar
0 0

thx man

is "PHPSESSID" the admin session id you talkin about?.. scrathc that.. do i do anything with the PHPSESSID? or the a2902a19838958159f70310cfa5c3cf5? i have a firefox cookie editor program. do i mess w/ the path? it is /

and could someone help me w/ editing cookies :/ i'll check it out but i dunno if i'll get it


ghost's Avatar
0 0

I took a look at it and I believe the admin session id is b4936d0d74570296e79b456cbd5b6eb7. That is what I found in the form. And it does look like it is vulnerable to SQL injection. look it up in the articals section. im not to good at that ether.

EDIT

Never mind that session id is given to you when you get to that page. Ill keep looking.


ghost's Avatar
0 0

alright thx man yea i noticed that was given too :/