+- Sinisterly (https://sinister.ly)
+-- Forum: Hacking (https://sinister.ly/Forum-Hacking)
+--- Forum: Website & Server Hacking (https://sinister.ly/Forum-Website-Server-Hacking)
+--- Thread: Using MyBB SQL Injection (/Thread-Using-MyBB-SQL-Injection)
Pages:
1
2
Using MyBB SQL Injection - pandaa - 09-01-2012
I've seen a lot of tutorials on another forum for example on how to use an SQL injection to hack a forum, but they don't make sense to me. Can anyone please clarify?
RE: Using MyBB SQL Injection - Hardz - 09-03-2012
Are you specifically wanting to SQL inject a forum or any website in general?
RE: Using MyBB SQL Injection - Dismas - 09-04-2012
(09-03-2012, 03:01 AM)Hardz Wrote: Are you specifically wanting to SQL inject a forum or any website in general?
MyBB is a forum software. It's also the one we're using, haha.
The development team tends to stay on top of vulnerabilities and bugs, but you could look at plugins.
RE: Using MyBB SQL Injection - Hardz - 09-04-2012
Oh - I didn't see that bit in the title, my bad :p
RE: Using MyBB SQL Injection - ๖ۣۣۜۜFear - 09-08-2012
MyBB had a plugin (award system) if I'm not mistaken that was vulnerable a while back...best bet is plugins, look for weaknesses in them.
RE: Using MyBB SQL Injection - Sentry - 09-09-2012
As far as i know, there is no open MyBB injections. It's pretty secure, they're always on top of all vulnerabilities. There will be plenty of plugins though that you could try and inject.
RE: Using MyBB SQL Injection - Hardz - 09-11-2012
Found this site for you: http://www.securiteam.com/products/M/MyBB.html
Most probably out-dated but worth a little look-over.
RE: Using MyBB SQL Injection - ๖ۣۣۜۜFear - 09-11-2012
(09-11-2012, 07:52 PM)Hardz Wrote: Found this site for you: http://www.securiteam.com/products/M/MyBB.html
Most probably out-dated but worth a little look-over.
Nice information, all you need to do is find a site with that information and then abuse it.
RE: Using MyBB SQL Injection - Hardz - 09-11-2012
(09-11-2012, 08:48 PM)BaneKitty Wrote:(09-11-2012, 07:52 PM)Hardz Wrote: Found this site for you: http://www.securiteam.com/products/M/MyBB.html
Most probably out-dated but worth a little look-over.
Nice information, all you need to do is find a site with that information and then abuse it.
Ahaha - exactly.
RE: Using MyBB SQL Injection - Jewel - 10-02-2012
Find a vulnerability and exploit it. The software itself isn't vulnerable as
of yet so it's your best option. Look around for new releases in the exp
database and you will be sure to find something. You could always try
and scan their ports too to see if there's anything vulnerable running.