Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web BBS :: etc :: wwwboard.txt

WWWBoard - Hacking a WWWBoard




************************************************ 
                 Hacking
                    a
                 WWWBOARD

by: Pinzel /Version 1.0/updates on my homepage !
United Underground Member
************************************************

Sections:

00	The date.
01	What the hell is a wwwboard?
02	Basic idea of hacking
03	Where to get the password file?
04	What to do with this nice file?
05	Ok..I have a password..but how 2 use it?
06	Rest of the shit....

------------------------------------------------

SECTION 00

Today we have the 29.07.97

------------------------------------------------

SECTION 01

Q:"Dear Pinzel...I'm a 13 year old boy and I 
   want to learn how to hack...WHAT IS A 
   WWWBOARD?????"   ;-)

A:"A wwwboard is a place in the net where users
   are able to discuss some sort of shit...you 
   can see the results of what they write in a
   HTML document. If you want to see such a nice
   wwwboard, then go to yahoo.com or other 
   search engines and search for the word
   ----->wwwboard<------ (simple huh???).
   In the most times the wwwboard file is called
   wwwboard.html or wwwboard.htm ."

------------------------------------------------

SECTION 02

The basic idea of hacking a wwwboard:
01: Search for a wwwboard.
02: Get the password file.
03: encrypt the password file.
04: Get access as the admin.
05: Do what you want but remember:
    Are you a hacker or a trasher?

------------------------------------------------

SECTION 03

Where is this fuckin password file all the world
talks of???

Nearly all the time the password file is in the
same directory where the wwwboard.html file is
located. Just got to your browser and change 

http://you.suck.com/wwwboard/wwwboard.html
to
http://you.suck.com/wwwboard/password.txt
if you have no result...try to change it into
passwd.txt or only passwd.
You get the file? Ok next step--->

------------------------------------------------

SECTION 04

Lets take a look at this nice file:

rstrehle:aefgBfbreI8e6   
\  /\  / \     /\    /
username  crypted password

You see?
First the username and than after the dubble-
point the crypted password!

Now the work beginns  :-)

Search in the net for a Unix-passwd cracker
like Jack, John or KC...
Search for a wordlist (please take a big one!)

Edit the password.txt file so that it looks 
like an UNIX passwd file!

the file called password.txt

rstrehle:aefgBfbreI8e6

gets to an UNIX file called passwd.

rstrehle:aefgBfbreI8e6:150:25:Sven Pinzel:
 /usr/email/users/spinzel:/bin/csh

WRITE THIS IN ONE LINE !!!

I think that on some crackes (John I think)
you don't have to edit the file..!
 RUN THE CRACKER !!

------------------------------------------------

SECTION 05

What to do whit the fuckin password??

Did your computer scream piiiiiep !!!
You got the password?!?!?!?!?

Ok...
...back to the net...
to use the password you need to find the admin-
programm which is usually stored in the cgi-bin
directory. It is usually called: wwwadmin.pl or 
wwwadmin.cgi.
Do what you want !!!

------------------------------------------------

SECTION 06

For questions visit my homepage at

http://www.cyberjunkie.com/pinzel

or directly eMail me at

pinzel@cyberjunkie.com

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Notice: I never trashed a wwwboard!
I told every systemadministrator about his 
security hole!
I hope you do so too!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

BTW: If you want to test your crack programm
     just create a file with the username and
     the password out of SECTION 04. If you get
     the password "benito" you're on the right
     way!
------------------------------------------------  


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH