Security Vulnerabilities in phpBB

[myFriend]

first of all it is a big deal if some one gets into the BB cuz they can go and make some one made and then you wake up and see your wepons missing.
second 1/2 the stuff thats on the internet is out of date, 1/4 is false, 1/4 you don't even know about and can't find unless you know the web adress. and a small part is legit info.
third "hacker" is the proper term to refer to some one that is using programming skills to gain illegal access to a computer network of file. "cracker" is just part of that proces.
whitry its odd that you use your own webpage to deffine a word. trying going to this site OR here

[Guest]

The md5 hash could actually be cracked in minutes if you knew anything about distributed computing. And, Whitey, you're obviously not a "hacker" if you call yourself one.

[forgive_me]

The md5 hash could actually be cracked in minutes if you knew anything about distributed computing. And, Whitey, you're obviously not a "hacker" if you call yourself one.

realy....now haw do u do that if u dont have the key?....or u dont know that all curently used md5 password incriptions use keys to secure the data beter......and wen u pout your password to login ....the password u enterd is cripted and comapred....so its not decripted....

i realy like a discution but u have no idea wath u are talking here....NO OFFENCE


[quote=myFriend]first of all it is a big deal if some one gets into the BB cuz they can go and make some one made and then you wake up and see your wepons missing.[/quote]now realy do u just write this because of borenes.....firstly PHPBB is the PHP code of the FORUM so even if u breack that u can only cange minor things....

now to end all discusions...to be able to cheat/modify info of a user u can only do if:
- u are neer the server....fisicly and know a couple of passwords...easaly braked if u are there(NOT POSIBLE)
- u know the visual adress of the MYSQL database and its users/password....also extrimply hard almoust imposible to find....aldow the user/password is in the php code u normaly will never see them because that part of the code never generates a html....so u dont get it......and even if u have the user/password u can not do nothing with it because u need the IP were the database is......as the php-mysql are on diferent IP's so u will only se the php tryng to connect to localhost not the real ip...and the apache is configureted to redirect info sent to "localhost" to a surten ip........

so practicly it is IMPOSIBLE......realy...not to ofend anyone here....but there ware smarter people that thinkt the security......and its a standart to every respectable server

so dont go on telling that u can hack/crack/watever a MD5 password or modefy info of a user if u have breaked the ???FORUM????

[Sleipnir]

first of all it is a big deal if some one gets into the BB cuz they can go and make some one made and then you wake up and see your wepons missing.
second 1/2 the stuff thats on the internet is out of date, 1/4 is false, 1/4 you don't even know about and can't find unless you know the web adress. and a small part is legit info.
third "hacker" is the proper term to refer to some one that is using programming skills to gain illegal access to a computer network of file. "cracker" is just part of that proces.
whitry its odd that you use your own webpage to deffine a word. trying going to this site OR here

Nice link
Hacker:
One who is proficient at using or programming a computer; a computer buff.
One who enthusiastically pursues a game or sport: a weekend tennis hacker.

Wow, this means I'm a double hacker I entousiastically pursue a certain game I know. Called stargatewars, has anyone of you ever played that? You should try, you'll get hooked. I also consider myself proficient at using/programming a computer.
Still, I never considered myself a hacker cause I wouldn't have a clue how to get this info out of the server.

[Forum]

ok -mostly just to end this topic, all updates to phpbb done.
topic locked.