|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 137
Members: 0
Total: 137
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
migo79 |
|
Replies: 2 |
Views: 14028 |
|
|
|
|
|
|
Hello Guys
today when i was searching for old explits to test i stopped at this old bug in phpMyAdmin which the referenced Remote File Inclusion in PhpMyAdmin
i successfully able to use th XSS b ... |
|
|
|
|
wt u have now is the MD5 hash of the adminstrator
this is the wt u need to completely take over this site
i suggest you read waraxe very handy tutorial about how to use this info
take a look her ... |
|
|
|
|
hi
take alook at
http://www.waraxe.us/forum/viewtopic.php?t=224
http://www.waraxe.us/forum/viewtopic.php?t=243 |
|
|
|
|
there is many phpbb bugs are discovered and some of them are SQL injection cases, take a look at those links
http://securityfocus.com/bid/10722
http://securityfocus.com/bid/10740
can our hero w ... |
|
|
|
|
good waraxe , you understand what i want to do exactly
so what do u think is the best way to use this exploit other than deleting posts or logging out users ?
thanx ya Basha |
|
|
|
|
hello
when i try to put this input directly into the browser to delete forum from phpbb using this url
http://localhost/phpBB2/admin/admin_forums.php?mode=deleteforum&f=1
it gives me t ... |
|
|
|
|
sorry it's me posting the wrong url
here is the url for what i mean
http://www.securityfocus.com/bid/10722
|
|
|
|
|
anybody saw that on security focus
http://www.securityfocus.com/bid/10741
i guess waraxe involved on that |
|
|
|
migo79 |
|
Replies: 4 |
Views: 10792 |
|
|
|
|
|
|
/**/ is essential to evade the protector system because if use normal injection the protector will ban u.
and also it will not affect the query because as u can see it's jst a comment so it will be i ... |
|
|
|
migo79 |
|
Replies: 7 |
Views: 15962 |
|
|
|
|
|
|
and here is a well detailed tutorial too
you have to register for free to view it but it well worth
http://www.idefense.com/application/poi/researchreports/display?id=9 |
|
|
|
migo79 |
|
Replies: 7 |
Views: 15962 |
|
|
|
|
|
|
that's a well clarified reply
thanks too much |
|
|
|
migo79 |
|
Replies: 7 |
Views: 15962 |
|
|
|
|
|
|
hello guys
can you waraxe give a tutorial on how send a cookie file to a form and then to be mailed to anyone
i mean by discovering a cross site scripting vuln in any script
how can i write the ... |
|
|
|
|
hey
i tried to activate web mail module and tried to send attacment to store it on the server
this attachment is a php file that read the config.php from the server
the problem that phpnuke blocked ... |
|
|
|
migo79 |
|
Replies: 3 |
Views: 10185 |
|
|
|
|
|
|
yes waraxe
exactly what u say, but instead of the integrated phpbb
i wanna use the image tag to promote my userid in another installation of phpbb |
|
|
|
migo79 |
|
Replies: 3 |
Views: 10185 |
|
|
|
|
|
|
hey waraxe
you are always overhelming me with your answers , this time when i was reading an old advisory written by you about getting easy admin right in phpnuke using BBcodes in phpbb
now by the ... |
|
|
Page 1 of 2 |
Goto page 1, 2Next All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|