
APBoard - post threads to protected forums and possibility to hijack forum-passw

by Nikola Strahija on November 13th, 2002

Normal users can submit threads to password-protected forums and possibly hijack the forum password with a referer-logging script.


Exploit:
1, Register an account on the vulnerable board.

2, Go to any forum and click on "Neues Thema" ("New topic").

3, Open the source code of this page and scroll down to the following lines:

<---code--->






<---code--->

4, Edit the "insertinto" value to that of the forum where you want to submit the new thread.
eg:

5, Save the file locally.

6, Open the file and write your text, then click "Thema posten" ("Post topic"); the new thread is posted to the protected forum.

Another bug in this board is that if a user logs into a protected forum, the forum password will be shown on the title-bar in plaintext,
e.g.: http://www.your-domain.com/apboard/thread.php3?id=999&passwort=1&thepasswordhere

You could create a referer-logging script and link to it in the posted thread of the protected forum.
If any user clicks on the link, the plaintext password would therefore be saved in the logs of the attacker.

- ProXy
- http://www.es-crew.de
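
Both issues above come from the server trusting what the client sends: the hidden "insertinto" field on submit, and a forum password carried in the URL. The following is an added example of the server-side check that addresses both; it is not APBoard's code and not part of the original advisory, and the forum table, session layout and function names are assumptions.

```php
<?php
// Added example, not APBoard code. Only the field name "insertinto" comes
// from the advisory; everything else here is an assumed, constructed layout.
declare(strict_types=1);

// Constructed sample data: forum 3 is open, forum 7 is password protected.
$FORUMS = [
    3 => ['name' => 'General', 'pw_hash' => null],
    7 => ['name' => 'Staff',   'pw_hash' => password_hash('constructed-pw', PASSWORD_DEFAULT)],
];

// Unlock a protected forum. The password arrives in a POST body, is checked
// once, and only the forum id is remembered in the server-side session, so it
// never appears in a URL or in a Referer header sent to a linked site.
function unlock_forum(array $forums, array &$session, int $forumId, string $password): bool
{
    $hash = $forums[$forumId]['pw_hash'] ?? null;
    if ($hash === null || !password_verify($password, $hash)) {
        return false;
    }
    $session['unlocked'][$forumId] = true;
    return true;
}

// Authorize a new thread. "insertinto" is a hidden form field that the client
// can change freely, so it is treated as untrusted input and re-checked
// against the session on every submit.
function may_post(array $forums, array $session, array $post): bool
{
    $forumId = filter_var($post['insertinto'] ?? null, FILTER_VALIDATE_INT);
    if ($forumId === false || !isset($forums[$forumId])) {
        return false;                       // missing, malformed or unknown forum
    }
    if ($forums[$forumId]['pw_hash'] === null) {
        return true;                        // open forum, no unlock needed
    }
    return !empty($session['unlocked'][$forumId]);
}

$session = [];                              // stands in for $_SESSION
var_dump(may_post($FORUMS, $session, ['insertinto' => '3']));  // open forum
var_dump(may_post($FORUMS, $session, ['insertinto' => '7']));  // edited field, forum not unlocked
unlock_forum($FORUMS, $session, 7, 'constructed-pw');
var_dump(may_post($FORUMS, $session, ['insertinto' => '7']));  // unlocked in this session
```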

