 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 140
 Members: 0
 Total: 140
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
| migo79 |
|
| Replies: 2 |
| Views: 13961 |
|
|
 |
|
 |
|
Hello Guys
today when i was searching for old explits to test i stopped at this old bug in phpMyAdmin which the referenced Remote File Inclusion in PhpMyAdmin
i successfully able to use th XSS b ... |
|
|
|
|
wt u have now is the MD5 hash of the adminstrator
this is the wt u need to completely take over this site
i suggest you read waraxe very handy tutorial about how to use this info
take a look her ... |
|
|
|
|
hi
take alook at
http://www.waraxe.us/forum/viewtopic.php?t=224
http://www.waraxe.us/forum/viewtopic.php?t=243 |
|
|
|
|
there is many phpbb bugs are discovered and some of them are SQL injection cases, take a look at those links
http://securityfocus.com/bid/10722
http://securityfocus.com/bid/10740
can our hero w ... |
|
|
|
|
good waraxe , you understand what i want to do exactly 
so what do u think is the best way to use this exploit other than deleting posts or logging out users ?
thanx ya Basha |
|
|
|
|
hello
when i try to put this input directly into the browser to delete forum from phpbb using this url
http://localhost/phpBB2/admin/admin_forums.php?mode=deleteforum&f=1
it gives me t ... |
|
|
|
|
sorry it's me posting the wrong url
here is the url for what i mean
http://www.securityfocus.com/bid/10722
|
|
|
|
|
anybody saw that on security focus
http://www.securityfocus.com/bid/10741
i guess waraxe involved on that |
|
|
|
| migo79 |
|
| Replies: 4 |
| Views: 10738 |
|
|
|
|
|
|
/**/ is essential to evade the protector system because if use normal injection the protector will ban u.
and also it will not affect the query because as u can see it's jst a comment so it will be i ... |
|
|
|
| migo79 |
|
| Replies: 7 |
| Views: 15868 |
|
|
|
|
|
|
and here is a well detailed tutorial too
you have to register for free to view it but it well worth
http://www.idefense.com/application/poi/researchreports/display?id=9 |
|
|
|
| migo79 |
|
| Replies: 7 |
| Views: 15868 |
|
|
|
|
|
|
that's a well clarified reply
thanks too much |
|
|
|
| migo79 |
|
| Replies: 7 |
| Views: 15868 |
|
|
|
|
|
|
hello guys
can you waraxe give a tutorial on how send a cookie file to a form and then to be mailed to anyone
i mean by discovering a cross site scripting vuln in any script
how can i write the ... |
|
|
|
|
hey
i tried to activate web mail module and tried to send attacment to store it on the server
this attachment is a php file that read the config.php from the server
the problem that phpnuke blocked ... |
|
|
|
| migo79 |
|
| Replies: 3 |
| Views: 10128 |
|
|
|
|
|
|
yes waraxe
exactly what u say, but instead of the integrated phpbb
i wanna use the image tag to promote my userid in another installation of phpbb |
|
|
|
| migo79 |
|
| Replies: 3 |
| Views: 10128 |
|
|
|
|
|
|
hey waraxe
you are always overhelming me with your answers , this time when i was reading an old advisory written by you about getting easy admin right in phpnuke using BBcodes in phpbb
now by the ... |
|
|
| Page 1 of 2 |
Goto page 1, 2Next
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
