Well I have noticed theres alot of people questioning about cutenews. I advise you NOT to use it, as there is now a script where you enter the username you wish to display the password (md5 hash). So if any staff members have a dictionary word as there password, there likely to get hacked.
Dont belive me?
Give me a link to your cutenews directory, and set up an account with a assword as a dictionary word (Or in the reverse md5 hash database).
Results 1 to 10 of 45
Thread: Cutenews - Don't use it
-
15-01-2008, 05:36 PM #1
Cutenews - Don't use it
-
Sounds interesting. MD5 thingy rings a bell from MySQL databases and phpAdmin. Anyways, ye.
2005: JOINED ; Radio DJ
2006: Radio DJ ; Senior DJ
2007: HxTV Flash Artist ; Productions Staff ; HxHD Staff ; Head DJ ; Events Organiser ; Productions Staff ; Competitions Staff ; Assistant Radio Manager
2008: Senior Competitions Staff ; Forum Moderator ; HxHD Staff ; Competitions Manager ; Graphics Designer
2009: LEFT ; Guest DJ
-
15-01-2008, 05:42 PM #3
Because cutenews is a text based database, you can easily extract infomation on the users as easy as you can display news from the news.txt
Originally Posted by H0BJ0B
-
Or just change your password to a better one
-
15-01-2008, 05:49 PM #5
Its the staff though Originally Posted by Nevernoob
-
Who cares lol? It can easily be hidden in a directory unknown.
CPU i5 3570 @ 4.2 GHz | Mobo GigaByte Z77D3H | RAM 8GB | GPU AMD Radeon 6870 | OS Win 8 64-bit | HD 1TB HD and 128GB SSD | Wheel Logitech G27
-
15-01-2008, 06:23 PM #7
The attack uses $_COOKIE Originally Posted by G-BOAH
-
15-01-2008, 06:27 PM #8
-
15-01-2008, 06:28 PM #9
Then the result would be 6547cd22b0e4de8a2d64dc6341cfd73c Originally Posted by Elliott-1
-
But you wouldn't be able to get the password. That's what elliot means.
Reply With Quote
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts