phpBB Group

ok, lets say someone has admin access to a phpBB Group forum 2.0.11

how would one be able to:

• view database details
• upload a php file.

this someone has tried:

• viewtopic.php "highlight" exploit
• browsing around everywhere in the admin panel
• trying to inject php <script> into threads / admin panel

problem is, phpBB Group, doesnt allow attachments in the forums.

any help would be greatly appreciated.

Hmmm lol, I read somehting about this today i'll have a look ing my history runs off to check………………………. ooo that was for vbulletion :s soz

seams like u know this person very good he he how did u get all theese detales :P he he

phpbb suxs… but try it this way.. make a database backup and try to open it up.. just a guess of it working:)

this person has a database backup.

except in this, it doesnt have any database details. all the possible hashes have been cracked with a 200mb dictionary. Sadly the admins hashes havnt been cracked + they dont use the same pass for everything.

so, this person is still stuck, on how to get the database details, and more importantly, how to upload a file.

i think u should use export functions.. but i have never seen 2.0.11 admin panel… in 8 it does

Mr_Cheese: well, i would recommend that this said person subscribe to bugtraq, vuln-dev and full disclosure. there were 2 recent exploits release for phpBB. the older one is an SQL injection that allows any user to become admin instantly. the other will let admins run commands on the server with the UID of the HTTPd (possibly Apache?).

anyways, i hope this person has a good hack ;)

n3w7yp3 wrote: Mr_Cheese: one is an SQL injection that allows any user to become admin instantly.

not a problem, this person already has admin access. but i'll look into the running server commands one.