 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 387
 Members: 0
 Total: 387
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
The image uploaded with its image content and a name randomly generated.
I guess that means the exploit has been solved in that board? No code was executed :/ |
|
|
|
|
Thanks, will try it now.
I will use a code as follows inside EXIF data:
include('../../config.php');
echo $dbms;
echo $dbhost;
echo $dbport;
echo $dbname;
echo $dbuser;
echo $dbpas ... |
|
|
|
|
| Nevermind the old post, phpbb 2.0.21 with avatars upload enabled. Edited image with php script in EXIF data would work, or it requires extra net work? |
|
|
|
|
| I already tried finding one, but the whole host is just for the phpbb board, so I though it would be easier to sneak into another neighbour, or perhaps brute force attacks on ftp or mysql :S Either ne ... |
|
|
|
|
avatar upload is not enabled  |
|
|
|
|
Hi, I've been lurking for a while but yet I couldn't find what I need.
I'm trying to gain administrator access in any way in a phpbb 2.0.21 board, I tried seeking sql injections and well every kind ... |
|
|
| Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
