Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
March 29, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 687
Members: 0
Total: 687
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index
Search found 16 matches
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Thu Sep 15, 2005 6:55 am   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




I tried this a while ago. I also tried using the GD library to create an image with php.
But because the header sent by the script is a redirect header it wont work because the image will need to sen ...
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Wed Sep 14, 2005 10:48 pm   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




you cant do it because it looks for an image, and dosnt find an image.
Its a function of the browser.

If the browser looks for an image and finds no image data or headers it displpays the red X.
...
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Tue Sep 13, 2005 9:08 pm   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




nice discussion over here.
first of all,no need to fight or flaming just because of small thing.

releasing poc for it,for those dont believe it. try it out

make yourself a folder .. like darkc ...
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Tue Aug 23, 2005 1:49 pm   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




functions.php?f=1337&function=lock_thread this in phpbb not work

you are sure?

i have proben /modcp.php?t=2&mode=lock and it does not work either

thx
It was just an example of a poss ...
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Mon Aug 22, 2005 12:31 pm   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




It would work where admin functions are done by constructing a url.
If a forum used a url like
http://www.site.com/functions.php?f=1337&function=lock_thread
to lock the thread with the number ...
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Mon Aug 22, 2005 8:06 am   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




It would work in anything that allows people to post images.
The flaw isnt in bbcode, its in browsers.

I dont think they will even bother to patch this.
Parsering EVERY image everytime the page ...
Rainbow Crack
PostForum: MD5 hashes   Posted: Sun Aug 21, 2005 12:14 pm   Subject: Rainbow Crack
lunix
 
Replies: 209
Views: 246797




Plaintext of 96ce48439595f7874ea46d4e5dead34a is cammello
Plaintext of ebad407bc98ebfc25bca10b645baa4a5 is hannah96
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Sun Aug 21, 2005 11:21 am   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




The only way to get root on phpbb now is to get the admin hash and crack it. All the fun stopped when phpbb realised EVERY admin cookie was the same. Laughing
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Sun Aug 21, 2005 6:48 am   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




What about using the same vulnerability to make a user an administrator? Or atleast something more interesting then "Logout".
I don't think you understand what the script is doing.
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Sat Aug 20, 2005 9:40 pm   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




so far this has worked on every forum and every browser i have tested it on.

There is also a couple of other interesting possabilities we are testing out.
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Fri Aug 19, 2005 9:30 pm   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




yeah that is interesting, Looks like it worked on ie and ff for me.

Theoreticaly that would work on any forum and there is no possability of creating a patch. Shocked

im gonna investigate this a li ...
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Fri Aug 19, 2005 6:36 pm   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




post it.
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Fri Aug 19, 2005 6:04 pm   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




phpbb aready blocks direct php images though.
So anything like login.php?action=logout would not get parsed and would just dispay the link within the img tags.

like when people link to scripts tha ...
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Fri Aug 19, 2005 5:01 pm   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




post a proof of concept code then if your so confident this will have an effect.

we tried every possability 18 months ago, nothing would work.
Because you are using img tags it only has the abilit ...
phpBB 2.0.17 and most likely below
PostForum: PhpBB   Posted: Fri Aug 19, 2005 4:30 pm   Subject: phpBB 2.0.17 and most likely below
lunix
 
Replies: 63
Views: 89021




The PHP will NOT be run on the server you are trying to exploit.
It will be run on YOUR server. so there is no XSS possability.
Then the image headers are sent to the browsers and an image is downlo ...
Page 1 of 2 Goto page 1, 2  Next
All times are GMT
  




Powered by phpBB © 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.145 Seconds