 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| |
|
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9145
 People Online:
 Visitors: 817
 Members: 0
 Total: 817
|
|
|
|
|
|
PacketStorm News |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
New video tutorial added.
video by Darksh3ll.
more : http://www.kisobox.com/area52 |
|
|
|
|
New video tutorial added.
video by Darksh3ll.
more : http://www.kisobox.com/area52 |
|
|
|
|
phpBB 2.0.21 XSS in administration
**********************************
//-- By Blwood
#End here
Credit goes to exploit author.
Video tutorial have been host here
http://kisobox.com/are ... |
|
|
|
|
take a look at
http://kisobox.com/area52.php might give u extra info |
|
|
|
|
go to any open folder >> view >> folder option and disable by clicking the extension disable.
change save file to .pl .
i guess your previous file was saved as vb306.pl.txt.
correct ... |
|
|
 Forum: PhpBB Posted: Sun Feb 12, 2006 1:52 am Subject: l |
|
|
|
thats his problem to make real or fake money for hacking. 
point is exploits with greater version number are spread in the wild,tell me why you go for this later version?  |
|
|
|
|
credit : Everyone
poc :
http://kisobox.com/exploits/phpbb.2.0.18.xss+cookies.stealer.txt
video tutorial
http://kisobox.com/area52/phpbb2.0.18/
|
|
|
| Forum: PhpBB Posted: Sat Feb 11, 2006 6:56 am Subject: l |
|
|
|
btw what money are you talking about...
http://kisobox.com/exploits/phpbb.2.0.17.xss+cookies.stealer.txt
well have fun |
|
|
|
|
credit to everyone that found this bug
poc
http://kisobox.com/exploits/phpbb.2.0.19.xss+cookies.stealer.txt
brief video tutorial about it.
http://kisobox.com/vtu.php or http://kisobox.com/ ... |
|
|
|
|
#!/usr/bin/perl
# vBulletin <= 3.0.6 Add templates remote execute exploit (perl)
# suBzero@kisobox.com
# Reference: http://www.securityfocus.com/bid/12622/info
#
use IO::Socket ... |
|
|
|
|
so we have 3-4 vulnerable now and not forgetting from the bug finder himself.
so this vulnerable affect most of the cms out there.
you will able to do more such as adding admin user the ... |
|
|
|
|
how about in other forum or bulettin board *_^ .. we should give a try 
nice idea.there are lots of others cms (content manager ) that use bbcode in their post .
you can try popular and widely ... |
|
|
|
|
mm accesing script to add user as admin in /admin/ folder would ask admin to re-authenticate him/herself
hard to access /admin/ folder now.
but you can delete specific posting then,
whenever an ... |
|
|
|
|
nice discussion over here.
first of all,no need to fight or flaming just because of small thing.
releasing poc for it,for those dont believe it. try it out
make yourself a folder .. like darkc ... |
|
|
|
|
#!/usr/bin/perl -w
##################################################################
# This one actually works :) Just paste the outputted cookie into
# your request header using livehtt ... |
|
|
| Page 1 of 3 |
Goto page 1, 2, 3 Next
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
