 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 207
 Members: 0
 Total: 207
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
Sheesh. This thread is labeled as an exploit for phpbb 2.0.20 and below.
Instead of an explanation of the actual exploit, we have the usual "how to run a Perl script" and "how to get a cookie" post ... |
|
|
|
|
This is the flash actionscript code:
cookie=SharedObject.getLocal("cookiename");
if(cookie.data.viewed==null)
{
getURL("http://myurl/index.htm??fuseact ... |
|
|
|
|
what you want to make it less suspicious? just put a picture on the page of meetspin or something, the admin will think you are trying to flame him and ban you and ignore that message...
do you kno ... |
|
|
|
|
| go to illectric.com and select domain whois in the search, then enter the address of the site there and you should find some servers, then try and match up the user name and password and you can get a ... |
|
|
|
|
under
http://milw0rm.com/
at the videos there will be this flash movie
PHP Remote File Inclusion / Windows Backdoor
can anyone explain what these variables he types after the url all mean? |
|
|
|
|
| Ya you better update as soon as possible lol anyone can hack that in a minute. |
|
|
|
|
i just hacked a phpbb 2.0.17 site and downloaded the database and i dont get any passwords i just see this kind of stuff in the info for users:
INSERT INTO tdforum_posts (post_id, topic_id, for ... |
|
|
|
|
| I dont think this works anymore, i tried it exactly how you said it on my account and it wont work. I just wanna log in with the admin panel isnt there a way to do it with live http headers? |
|
|
 Forum:PhpBB Posted: Tue Apr 18, 2006 11:33 pm Subject: l |
|
|
|
| I used www.t35.com to make mine, all you have to do is upload the php file and post the exploit and it will work. |
|
|
| Forum:PhpBB Posted: Tue Apr 18, 2006 8:07 pm Subject: l |
|
|
|
| I thought there was a way to just post an image with bb code and it worked that way I saw something like that on milw0rm does anyone know how? |
|
|
|
|
That's what I did but I dont know how to format the cookies.
What do I make them be called and what data to I put in which one? |
|
|
|
|
I got this cookie off of a forum.
I can enter it into firefox's live http headers and login as admin and mess with stuff and download the database but I cant do everything, How can I make the real co ... |
|
|
| Forum:PhpBB Posted: Sun Apr 16, 2006 2:13 pm Subject: l |
|
|
|
Well I have tryed it ... and worked fine but it doesn't show me the victim Cookies 
I mean it shows the date , IP , and sometimes the link ...
IP: ***.***.***.***
Date and Time: ... |
|
|
| Forum:PhpBB Posted: Sun Apr 16, 2006 1:33 am Subject: l |
|
|
|
Lol i dont mean to be a noob but i get this error with my server:
Warning: fopen(log.txt) [function.fopen]: failed to open stream: Permission denied in /mnt/storage/user ... |
|
|
| Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
