What methods/tools would you use to hack a forum (PHP)?
#1
I am completely new to hacking and I would like to practice hacking skills.

Say you will hack a forum which is written in PHP (open source), the database is MySQL, and the OS is Ubuntu. All known vulnerabilities and exploits don't work because those vulnerabilities have been patched.

I would like to know, what methods/tools (easy or complex) will you try to hack such forum? I will start learning those techniques.

Thank you very much.
#2
In the beginning it's very important to know exactly what's going on, so avoid using any tools you haven't written yourself. Now, from the scenario you described, you can do the following:
  • Install the forum system locally. In the same version, with the same plugins. If possible, even with the same theme.
  • Review the code. I prefer to review manually, which is more work but makes you better understand how it works.
  • Stay tuned for updates. Subscribe to the official forum system newsletter. In fact, subscribe to general security newsletters. In case a vulnerability is found, you might find out before it is fixed on your target.
  • Run your tests at your local server.

Or you can try using social engineering with administrators, which, in addition to having little chance of success, won't teach you anything. The point is that there is no magic technique or tool. I won't suggest an x or y tool because of the first line I mentioned, but I can recommend that you look for courses on pentest, red team and the like. They are not direct, they are not going to focus on forums and that is very good. Having a more generic view will teach you how to find your way in any situation.

Lastly, don't attack forums. Forums are the best environments to learn.
Unless it's a dirty forum (a.k.a. child pornography, etc). In this case, turn them inside out.
#3
If the forum software is patched to the max, running a local instance of it will be very beneficial, as Corvo mentioned. In simple terms you could look at such an approach as reverse engineering the forum software in question piece by piece. Needless to say this can be quite the endeavor. I would suggest before going down that route to perform extensive OSINT and general recon operations.

Not only searching for information about the actual software but also info on the host, think provider, the server itself and potential vulnerabilities there.

A thorough port scan might also be in order. Say the Forum uses MySQL as a database, you could check if the server is listening on port 3306 and directly attack the DB itself. Perhaps by bruteforcing remote login credentials. Or maybe they have an old/misconfigured SSH running. Or a vulnerable file server.

All things to consider.
#4
Ditto. As the others said, put up your own local instance of the forum and start trying to hack/fuzz it yourself. A good idea would be to learn some PHP and go through the source code to look for any vulnerabilities, such as bad sanitizing of user input etc.

I recommend this doc (old but gold) for starters, if you want to learn a bit about analyzing PHP code for possible vulnerabilities:
https://dl.packetstormsecurity.net/paper...-vulns.txt
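As an added illustration (not from any poster in this thread) of the "bad sanitizing of user input" that #4 says to look for when reading PHP forum code, here is a constructed post-search handler in the shape a reviewer should flag, beside its hardened form. The `$pdo` connection and a `posts` table with `id` and `title` columns are assumed.

```php
<?php
// Constructed example: a forum "search posts" handler reviewed two ways.
// Assumes a PDO connection $pdo and a hypothetical table `posts`(id, title).

// --- Pattern a code review should flag ---
// The search term is concatenated into the SQL string, so the query's
// structure depends on user input, and the result is echoed without
// HTML escaping, so stored titles reach the browser unescaped too.
function searchPostsUnsafe(PDO $pdo, string $term): array
{
    $sql = "SELECT id, title FROM posts WHERE title LIKE '%" . $term . "%'";
    $rows = $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
    foreach ($rows as $row) {
        echo "<li>" . $row['title'] . "</li>";
    }
    return $rows;
}

// --- Hardened form ---
// The SQL text is fixed, the term travels as a bound parameter, LIKE
// wildcards in the term are escaped, the result set is capped, and
// output is HTML-escaped at the point it is rendered.
function searchPostsSafe(PDO $pdo, string $term): array
{
    // Enforce a length limit server-side regardless of the form's maxlength.
    if (strlen($term) > 100) {
        throw new InvalidArgumentException('search term too long');
    }
    // Backslash is MySQL's default LIKE escape character, so escaping
    // % and _ (and the backslash itself) keeps the term literal.
    $pattern = '%' . addcslashes($term, '%_\\') . '%';

    $stmt = $pdo->prepare(
        'SELECT id, title FROM posts WHERE title LIKE :pattern LIMIT 50'
    );
    $stmt->execute([':pattern' => $pattern]);
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);

    foreach ($rows as $row) {
        echo '<li>'
            . htmlspecialchars($row['title'], ENT_QUOTES | ENT_HTML5, 'UTF-8')
            . '</li>';
    }
    return $rows;
}
```

When reviewing a real code base, grep for query strings built with `.` or interpolation and for `echo`/`print` of request or database values that never pass through `htmlspecialchars`; those are the two sites this example contrasts.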