|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 74
Members: 0
Total: 74
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Create Forum? |
|
Posted: Thu Aug 23, 2007 7:47 pm |
|
|
gfxluvr |
Beginner |
|
|
Joined: Aug 02, 2007 |
Posts: 4 |
Location: I don´t know, but the padded walls are nice. |
|
|
|
|
|
|
There is a website called createforum that is run under phpBB.
Well, I have a problem. I don't know what version phpBB it is.
But, when I do find out, I can get an exploit from milw0rm, right?
Thanks Guys |
|
|
|
|
|
|
|
|
Posted: Wed Dec 26, 2007 10:20 pm |
|
|
zellfaze |
Beginner |
|
|
Joined: Dec 27, 2007 |
Posts: 4 |
Location: /bin/null |
|
|
|
|
|
|
They are using phpbb 2.0.22 by mid January they will be using phpbb3
They have these mods installed:
1. chatbox
2. activity & arcade
3. jobs
4. ezportal
5. cash
6. shop
7. bank
8. lottery
9. logo customizer
10. quick reply
11. admin user list
12. global announcement
13. calendar
14. disable forum post count
15. extended color ranks
16. viewing ip address upon registration
17. memberlist access
18. profile access
19. spam bots detection
20. integrated shoutbox
21. free url submitter
22. disallow guest url/website/email posting
23. advance captcha
24. guest visual confirmation
25. humanizer
26. rss
27. merge topic
28. bad words removal (global)
29. block proxy sites (global)
30. auto bots removal (global)
31. block bad referrer (global)
The block proxy sites doesnt work to well, I always use a whenever I visit.
anyone know any vulnerable spots for SQL injection?
URL to there website is
http://www.************.com/
[[edit]]
No direct URL-s please!
[[/edit]] |
|
|
|
|
|
|
|
|
Posted: Wed Dec 26, 2007 10:42 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
Actually they use multi forum software and it's still unpatched against old but useful sql injection. So all that hosting server can be taken down within short time if someone has enough skills and motivation |
|
|
|
|
Posted: Wed Dec 26, 2007 10:49 pm |
|
|
zellfaze |
Beginner |
|
|
Joined: Dec 27, 2007 |
Posts: 4 |
Location: /bin/null |
|
|
|
|
|
|
May I ask what they used to make their site multiforum, was it a mod that they made or a premade one, or do you not know? |
|
|
|
|
Posted: Wed Dec 26, 2007 11:29 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|