Buat yang mau coba coba nih…

Ok well Im sure lots of these doing it this way have already been defaced and turned into to zone-h but here goes.
First do a yahoo search for : Php-Nuke Powered Site or PHP-Nuke Copyright © 2005 by Francisco Burzi.(2003, 20040 is vuln years as well.
Then when you find a site check to see if journal is active, if it is try:

http://www.target.com/modules.php?n…IT/%2a%2a/9/%2a

If it works it will display the md5 hashes of superadmins in a journal search query. If module is not active go to search page and enter this into query:

p0hh0nsee%’) UNION ALL SELECT 1,2,aid,pwd,5,6,7,8,9,10 FROM nuke_authors/*

will do the same thing

Ok next way is to do a yahoo search for: Php-Nuke PLatinum “Sentinel” because we want platinum sites with sentinel. It dont matter what patches they have either although there has been a ptach released there is still lots of vuln sites. Platinum 7.6b3 and earlier is game too
Find a site then try

[code]
http://www.target.com/modules.php?n…2a/nuke_authors
[/code

That works like a charm and not many sites are patched against it, protector the stock platinum security will stop this if active.

To krack the hashes first go to
http://gdataonline.com/seekhash.php
Its fast but only kracks easy passes, if that dont work try
http://www.plain-text.info/
The best one but full a lot, in that case as a last resort go to
http://www.milw0rm.com/kracker/insert.php
its decent but slow and there is a 2 hash per day limit.

Categories: Hacking, Internet, Tip and Trik