[DiscordArchive] I was wondering if someone could tell me how to retrieve a forgotten password from acore_auth, accou
[DiscordArchive] I was wondering if someone could tell me how to retrieve a forgotten password from acore_auth, accou
Original source
I was wondering if someone could tell me how to retrieve a forgotten password from acore_auth, account?
rektbyfaith
10-02-2022, 08:01 PM #1Archived author: RIVEIR • Posted: 2022-10-02T20:01:57.806000+00:00
Original source
I was wondering if someone could tell me how to retrieve a forgotten password from acore_auth, account?
Original source
I believe you can change the password too
rektbyfaith
10-02-2022, 08:03 PM #2Archived author: Kira • Posted: 2022-10-02T20:03:02.516000+00:00
Original source
I believe you can change the password too
Original source
You can't, it's hashed. Change the password from console
rektbyfaith
10-02-2022, 08:03 PM #3Archived author: Foe • Posted: 2022-10-02T20:03:50.235000+00:00
Original source
You can't, it's hashed. Change the password from console
Original source
Ok thanks. I wasn't sure if there was a decryption that could be done.
rektbyfaith
10-02-2022, 08:04 PM #4Archived author: RIVEIR • Posted: 2022-10-02T20:04:56.993000+00:00
Original source
Ok thanks. I wasn't sure if there was a decryption that could be done.
Original source
That would make hashing pointless to begin with
rektbyfaith
10-02-2022, 08:05 PM #5Archived author: Foe • Posted: 2022-10-02T20:05:17.044000+00:00
Original source
That would make hashing pointless to begin with
Original source
Indeed. I was just thinking since it's my server that there may be some option to change it since I have to have permission to log into mysql to begin with.
rektbyfaith
10-02-2022, 08:06 PM #6Archived author: RIVEIR • Posted: 2022-10-02T20:06:40.361000+00:00
Original source
Indeed. I was just thinking since it's my server that there may be some option to change it since I have to have permission to log into mysql to begin with.
Original source
lol I remember back in 2006-2009 when people used EQDKP for their websites there was a spoof you could do to gain admin access on 90% of all sites because most were to lazy to apply the fix for the spoof. The passwords were stored in plain text and most people used same password everywhere for e-mails etc so I gained access to tons of b.net accounts and other accounts that way
rektbyfaith
10-02-2022, 08:07 PM #7Archived author: Kira • Posted: 2022-10-02T20:07:06.714000+00:00
Original source
lol I remember back in 2006-2009 when people used EQDKP for their websites there was a spoof you could do to gain admin access on 90% of all sites because most were to lazy to apply the fix for the spoof. The passwords were stored in plain text and most people used same password everywhere for e-mails etc so I gained access to tons of b.net accounts and other accounts that way
Original source
Ah dang yeah that is really bad.
rektbyfaith
10-02-2022, 08:08 PM #8Archived author: RIVEIR • Posted: 2022-10-02T20:08:48.591000+00:00
Original source
Ah dang yeah that is really bad.
Original source
Talking about spitting on their users
rektbyfaith
10-02-2022, 08:09 PM #9Archived author: Revision • Posted: 2022-10-02T20:09:49.916000+00:00
Original source
Talking about spitting on their users
Original source
https://www.exploit-db.com/exploits/4030
https://www.exploit-db.com/exploits/3252
[Embed: EQdkp 1.3.2 - 'listmembers.php' SQL Injection]
https://www.exploit-db.com/exploits/4030
[Embed: EQdkp 1.3.1 - 'Referer Spoof' Remote Database Backup]
https://www.exploit-db.com/exploits/3252
rektbyfaith
10-02-2022, 08:12 PM #10Archived author: Kira • Posted: 2022-10-02T20:12:17.756000+00:00
Original source
https://www.exploit-db.com/exploits/4030
https://www.exploit-db.com/exploits/3252
[Embed: EQdkp 1.3.2 - 'listmembers.php' SQL Injection]
https://www.exploit-db.com/exploits/4030
[Embed: EQdkp 1.3.1 - 'Referer Spoof' Remote Database Backup]
https://www.exploit-db.com/exploits/3252