(Question) Best way to attack a forum?


0

Story:
So, I have a forum i’ve been trying to bypass and test the security, but because i am indeed a “noob” the only vulnerability i could find is that the robots.txt allows users to do multiple login attempts (Easily Fixed)

i also wish to learn about these types of forums and what breaks them etc.

Details:

Forum Origins: ipsfocus.
Database: MySQL
Forum Type: PHP

Question:
Would there be anything else i should try to find and what other attacks should i do/can i do?

P.s: The site is only locally hosted for now.

3replies
2voices
172views
Mugi [Mugiwara27]
7 years ago

0

How have you tried to bypass the security?


0

By using pyrit, WebScrab, Hamster.

pyrit: password attack and database attack.

WebScrab: finding variables to change

Hamster: sniffing out cookies and using them to login. +ettercap +ferret

Mugi [Mugiwara27]
7 years ago

0

Have you used other scanning software ?
Also, take a look at the version of everything in your forum ( version of MySQL, PHP, plugins and so ) and take a look at Google if there are some known vulnerabilities of these versions ( CVE )

You must be logged in to reply to this discussion. Login
1 of 4

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss