 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 215
 Members: 0
 Total: 215
|
|
|
|
|
|
Full disclosure |
|
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
|
|
|
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
hi, i am new to the forum and need help. |
|
 Posted: Tue Apr 14, 2009 1:56 am |
 |
|
| madjemas03 |
| Regular user |
 |
|
| Joined: Apr 14, 2009 |
| Posts: 6 |
|
|
|
 |
|
 |
|
well, i am already experienced in computer forensic, but do not know anything about how phpbb forum runs. all i want is the forum amdin's password because he is racist to every muslims that joins his forum and bans them for no reasons.
here is the forum's link:
http://www.wyrdysm.com/phpBB2/index.php
and some background data:
phpBB Group : 2002
admins: th15 and arcalane.
i am eager to have an answer, but all i want is to scare them, and access to their admin account (th15 if possible) to put them back in place. please help me, they do need a lesson. |
|
|
|
|
| Posted: Tue Apr 14, 2009 2:38 am |
|
|
| madjemas03 |
| Regular user |
|
|
| Joined: Apr 14, 2009 |
| Posts: 6 |
|
|
|
|
|
|
|
| will be very fond if you can get the password for me. please respond. |
|
|
|
|
| Posted: Tue Apr 14, 2009 1:52 pm |
|
|
| Chb |
| Valuable expert |
 |
|
| Joined: Jul 23, 2005 |
| Posts: 206 |
| Location: Germany |
|
|
|
|
|
|
| We do not like cracking-requests with links here. Please remove it. |
|
|
|
|
| Posted: Tue Apr 14, 2009 3:09 pm |
|
|
| madjemas03 |
| Regular user |
|
|
| Joined: Apr 14, 2009 |
| Posts: 6 |
|
|
|
|
|
|
|
| what do u like then? i guess no one's gonna help me here =/ |
|
|
|
|
| Posted: Tue Apr 14, 2009 11:47 pm |
|
|
| Chb |
| Valuable expert |
|
|
| Joined: Jul 23, 2005 |
| Posts: 206 |
| Location: Germany |
|
|
|
|
|
|
We definitely will not crack something for you. And threads about phpBB boards are enough here, I think. Moreover you did not post the version of the board (no, "phpBB Group 2002" is not the version...), so it is really hard for us to help you.
If you are able to get some more details about the forum (version or so), we might help you. |
|
|
|
|
|
|
|
|
| Posted: Wed Apr 15, 2009 8:15 am |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
It's 2.0.22:
http://****/phpBB2/docs/CHANGELOG.html
Direct attack @ phpbb is probably not possible, because there is no known effective exploits for this version.
But I did found serious security hole in uploading functionality in that website.
Basically you can upload files with specific extension and if you use
filename like "test.php.shp", then Apache will treat this as php script.
So you have remote php code execution possibilities as result. |
|
|
|
|
| Posted: Wed Apr 15, 2009 11:14 am |
|
|
| madjemas03 |
| Regular user |
|
|
| Joined: Apr 14, 2009 |
| Posts: 6 |
|
|
|
|
|
|
|
thanks a lot man, i'll look at that. 
edit: omfg, it's true xD.
what kind of script could i put?i mean, will html work? i know c++ and html and actionscript, but it's my first time with phpbb, so it won't be as easy as messing up a website hosted on a cheap network xDedit: sorry for my stupidity, only phpbb script works....  |
|
|
|
|
www.waraxe.us Forum Index -> General discussion
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
