MyBB Community Forums

Full Version: Tamper Data Attack
Someone is entering my site using Tamper Data (Mozilla plugin) and he gets access to the admin panel.

My friend told me it's because of a lack of security in member.php. So please, someone guide me on how to solve this issue.

I'm using the latest version of MyBB (1.6.4 (1604)). Please, someone help me to secure my forum.
That's not true.
Please tell me how I can prevent the attack.
(2011-08-29, 06:53 AM)shinekwt Wrote: Someone is entering my site using Tamper Data (Mozilla plugin) and he gets access to the admin panel.

This just isn't possible. All that plugin allows is modification of HTTP and HTTPS headers and post values. There is no way for them to get access to the admin control panel without a valid password, which is hashed. They must have gained access some other way.
(2011-08-29, 07:06 AM)Berlo Wrote:
(2011-08-29, 06:53 AM)shinekwt Wrote: Someone is entering my site using Tamper Data (Mozilla plugin) and he gets access to the admin panel.

This just isn't possible. All that plugin allows is modification of HTTP and HTTPS headers and post values. There is no way for them to get access to the admin control panel without a valid password, which is hashed. They must have gained access some other way.

I'm posting here the conversation with that hacker, in which he explains how he hacked my board.

Quote:kk go to http://pinoybodybuilding.com/ ,,, (this is not my board .. he pick another board to hack)
yes
i'm in
hnh.giants: okay
open tamper data
11:58 AM nonoon
scroll up first
kk now open the addon
me: were is that addone mate
hnh.giants: in add-ons?
11:59 AM did you restart ff afterwards?
me: s
12:02 PM hnh.giants: go to the forum now
brign up tamper data
make it normal size lol
12:03 PM kk click start tamper
then click register afterwards
click the check mark
then clikc tamper
me: one popup come
12:04 PM giants: kk wherei t sasy cookie
delete all that orange
me: done
delete
paste this
mybb[lastvisit]=1313053471; mybb[lastactive]=1313053582; sid=5ef0490f4cd9274006457f01220d55b4; mybbuser=3_tIMTtvGNGBWSobcRWq5zwy3iKzhGqcEDtLZLAo2pnVzSsgmnVb
12:05 PM then OK
?
giants: yep
an click stop tamper
me: lohoek hate your user name
12:06 PM yaw
hnh.giants: thats the admin
you have to tamper every page you do tho
me: from were u get this
mybb[lastvisit]=1313053471; mybb[lastactive]=1313053582; sid=5ef0490f4cd9274006457f01220d55b4; mybbuser=3_tIMTtvGNGBWSobcRWq5zwy3iKzhGqcEDtLZLAo2pnVzSsgmnVb
giants: or yourll get logged out
3 = his UserID
12:07 PM after the underscore = his name Aldrin encrypted with a salt using sha1
me: were to get the sha1 mate
giants: you gotta do it your self
12:08 PM its a php command
kk upload the fix on your forum & I'll let oyu try an hack it

****
**
me: after i get the first page.. when i cleck MOD CP its logout
12:34 PM giants: you have to tamper every new page

Here is the screenshot after I applied Tamper Data on the above forum.

[Image: immb6t.jpg]
I just checked this and I can verify that it does work. The problem is that it's extremely difficult to get the right salt and stuff for the hash after the user ID.
It's simple to get the hash code of any user using some simple PHP salt command, mate. Any way to solve this issue!!!
The loginkey is completely random, you can't guess it.
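The moderators' point above is that the second half of the `mybbuser` cookie (the part after `uid_`) is a random loginkey that the server stores and checks, not something derived from the username with a salt, so a cookie built from a guessed hash is simply rejected. The following Python is an added illustration of that design and is not MyBB's code: it assumes the `uid_loginkey` cookie layout shown in the pasted cookie, keeps a constructed in-memory user table in place of the database, and compares keys in constant time while logging every mismatch so a forgery attempt shows up in the logs.

```python
import hmac
import logging
import secrets

logging.basicConfig(level=logging.WARNING)

# Constructed stand-in for the forum's users table: uid -> record.
# In a real forum the loginkey column would live in the database.
USERS = {}


def create_user(uid: int, username: str) -> str:
    """Register a user and issue a fresh loginkey.

    The key comes from the OS CSPRNG (secrets), so it is not a function of
    the username, any salt, or anything else an outsider could recompute.
    """
    key = secrets.token_urlsafe(36)  # 48 URL-safe characters
    USERS[uid] = {"username": username, "loginkey": key}
    return key


def build_cookie(uid: int, loginkey: str) -> str:
    """Produce the cookie value in the uid_loginkey layout seen in the thread."""
    return f"{uid}_{loginkey}"


def validate_cookie(cookie: str):
    """Return the uid if the cookie is authentic, otherwise None.

    Only a cookie whose loginkey matches the stored random value for that uid
    is accepted; knowing the uid or the username alone is not enough.
    """
    uid_str, sep, presented = cookie.partition("_")
    if not sep or not uid_str.isdigit():
        logging.warning("rejected malformed cookie %r", cookie)
        return None
    uid = int(uid_str)
    record = USERS.get(uid)
    if record is None:
        logging.warning("rejected cookie for unknown uid %d", uid)
        return None
    # Constant-time comparison: a byte-by-byte early exit would leak how many
    # leading characters of the key were correct.
    if not hmac.compare_digest(presented.encode(), record["loginkey"].encode()):
        logging.warning("rejected cookie for uid %d: loginkey mismatch", uid)
        return None
    return uid


def rotate_loginkey(uid: int) -> str:
    """Issue a new loginkey (e.g. on logout or password change).

    Every previously issued cookie for this uid stops validating at once,
    which is the standard remedy when a cookie is suspected to have leaked.
    """
    new_key = secrets.token_urlsafe(36)
    USERS[uid]["loginkey"] = new_key
    return new_key


if __name__ == "__main__":
    key = create_user(3, "alice")          # constructed user, uid 3
    good = build_cookie(3, key)
    forged = build_cookie(3, "x" * 48)     # right uid, guessed key
    print("genuine cookie ->", validate_cookie(good))
    print("forged cookie  ->", validate_cookie(forged))
    rotate_loginkey(3)
    print("old cookie after rotation ->", validate_cookie(good))
```

The only secret the check relies on is the stored random key, so the operator's remedy for a leaked cookie is to rotate that key (which MyBB exposes as the user's loginkey) rather than to change how the cookie is hashed.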
Quote: It's simple to get the hash code of any user using some simple PHP salt command

Please post such code in the Private Inquiries section / send it through Contact MyBB.
(2011-08-29, 09:27 AM)ranjani Wrote:
Quote: It's simple to get the hash code of any user using some simple PHP salt command

Please post such code in the Private Inquiries section / send it through Contact MyBB.

I already sent the code via Contact MyBB. Please have a look.