Hack a guilds un-updated website.

[Bon]

Something I worked on a while back, never had time to finish it, but here it is none the less. It also requires some brainpower to do. I never bothered to fully complete it, but none the less it gives you the basics how to do it.



Disclaimer: All info is for educational purposes only.


Requirements.
A guild website running EQDKP 1.3.1 or lower.
Quickspoof. > [Only registered and activated users can see links. ]
Patience.



Choose your target site, remember it must be running Eqdkp 1.3.1 or lower, if your unsure of what version they are using, go to the DKP page and scroll to the bottem.






Now using a simple tool known at QuickSpoof the information needed to aquire the guilds database can be entered like so.





Once that has been done click the test button and it will bring you up to the backup feature for the SQL databases within the site.








Select the right database you want then pick out the ‘users’ option and download this data.


Within this file is all the information regarding the user accounts on the sites forums and/or dkp, plus more if they have multiple databases.






Now when you open this file you will be presented with a layout somewhat as shown, with the usernames and passwords in MD5 hash format, below is an example database showing such layout the password hash is shown in red.





Each line represents a new user, and in there will be, an email, signature, avatar settings ect.





Taking the MD5 hashes you need to be cracked. Type them into google, surprisingly a lot of hashes will be found just by doing this.



Any that did turn up in google follow the next steps.

Head to [Only registered and activated users can see links. ]

Where it says md5 available (0) status: online just keep refreshing every 5 minutes or so untill it says it has room to accept your hash, click the number whatever it may be at the time and enter the hash and the capcha and click insert.



Now after some time it should come back with a cracked hash, if it doesn't find it it is too complex to be worth taking the time to work out. Just try another user / pass combo.





Do what you wish with the info you aquired.



Enjoy.

[Kartio]

[Only registered and activated users can see links. ] That's the same thing. Or almost anyway.

[Vid Master]

Already posted... Sorry

Good guide nonetheless!

[Bon]

Quote:

Originally Posted by Vid Master

Already posted... Sorry

Good guide nonetheless!

No1, its not already posted because it was entiely written by me.

No2, yea I didnt look in that thread as it didnt seem to be of the same thing browsing through.

No3, Creepy how I posted this a few days after he posted his, but I only posted mine because I was deleting old documents and found it

[Tierman]

Yea. Repost. You may have written it yourself, but it's still the same concept.

[Vid]

Thx for the post i think you wrote it youself

[TwistedPixel]

Been using the other one and it works, as I'm sure yours does as well. Thanks for the post anyways.

[trojan300]

You just resposted but changed the spoof program...

[Dendra]

Reposted.
I prefer the FF addon anyway

[Bon]

Quote:

Originally Posted by trojan300

You just resposted but changed the spoof program...

Any you just posted useless bullshit to increase your post count

[trojan300]

Quote:

Originally Posted by Bon

Any you just posted useless bullshit to increase your post count

Says you. (filler)

[DrLecter]

I've actually seen an older one older than this and the aformentioned.
I'd have to do some digging but it was posted last year and involved a JS MD5 cracker.

[Wryun]

Oooh sweet Thanks

[Fillepille]

I tested this today and it worked great! Try to add diffrent words when u search for powered eqkp 1.3.1 like for example "3 drakes powered eqdkp 1.31"

[khaled1994]

REPOST,OLD,ALL THE EQDKP WEBSITES ARE Spoofed.