Alternative get 94kk Forum administrator password to get the shell-vulnerability warning-the black bar safety net

ID MYHACK58:62200924104
Type myhack58
Reporter 佚名
Modified 2009-08-02T00:00:00


Excerpt from: Qglfnt's Blog Not much to say, directly into the topic. Can to on Google to the“Powered by 94kk 2.1.0”(this is 94KKBBS the latest edition), as a keyword search. Just find a forum, click on“login”in the login do not fill in the user name and password, but directly click on the“Forgot Password”, then“user name”Enter admin“password problem”input ddddd, Note:Due to the admin user set the password question and answer is ddddd it.

OK, successfully get the Admin Password through this password you can login the bbs front and back. The next step is to take the shell, due to the background backup the database functions with the database file to identify the judgment, so we have to put the horse structure it, you can use the empty database combiner this tool is configured to jpg format file, then again to the front Desk to upload the configuration file. 上传 的 文件 路径 :/uploadfile/topicfile/xxx.jpg Finally, you can successfully backup the database to get the shell. Very simple to say.