 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 51
 Members: 0
 Total: 51
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Invision 2.0 exploit walktrough |
|
 Posted: Sun Oct 09, 2005 11:19 am |
 |
|
| JohnAvo |
| Beginner |
 |
|
| Joined: Oct 09, 2005 |
| Posts: 1 |
|
|
|
 |
|
 |
|
Hello, i dont know anything about sql-injection or php, but i have my Invision 2.0 forum (freeware) running and i heard v2.0 is very valnurable to many exploits i found this one, http://www.securiteam.com/exploits/5AP0G0KG0A.html and i want to make sure my forum is really volnurable or not.
Can someone take bit of time and explain how can i test my own forum?
I have admin login, php/sql hosting, only lacking skills to check myself and dont feel like learning all this just to test forum once in my life.
i belive i need edit this part of exploit?
| Quote: | $server = "http://mysite.com/forum/";
$port = 80;
$file = "what goes here?";
$target = 81;
/* User id and password used to fake-logon are not important. '10' is a
random number. */
$id = 10;
$pass = "pass"; |
and after i done should i save this (and rest of exploit) as .php and up to my server?
Thanks for anybody who will replay. |
|
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
