Jul 25, 2008

Attention All Ipb Users/admin - Important exploit discovered!


echo.defender
Invision Power Board v2.1.6 © 2006 IPS, Inc.


This is what is written at the bottom of the board.

Not so long ago, I was surfing somewhere (I won't say where) and I discovered a "sql injection" exploit, a Perl script.

QUOTE(step28 in the hack)
28. Reload and click on the username to the admin. You are now logged in as an ADMIN!!!


Admins, PM to receive the link where I found this.

With this hack, you can log in as any user without his pass.

It's really easy to do, you just need Perl, the Opera web browser and 3 minutes of your life...

Reply

Albus Dumbledore
this is why IPB has recently sent out a new update for this version of 2.1.6

http://forums.invisionpower.com/index.php?showtopic=219126

is the update in which they are talking about

and here is another IPB Error that was released yesterday... which people need to upgrade on

http://forums.invisionpower.com/index.php?showtopic=220787

it talks about uploading avatars that will cause cross site scripting...

Reply

echo.defender
QUOTE(Albus Dumbledore @ Jul 1 2006, 06:12 PM) *

this is why IPB has recently sent out a new update for this version of 2.1.6

http://forums.invisionpower.com/index.php?showtopic=219126

is the update in which they are talking about

and here is another IPB Error that was released yesterday... which people need to upgrade on

http://forums.invisionpower.com/index.php?showtopic=220787

it talks about uploading avatars that will cause cross site scripting...




Yay, a good administrator in a forum! That's rare! lol

Reply

delivi
Thanks dude, this would have become a serious problem for the forumers. This will alert all the forum admins here and they'll definitely update. If any one of you has been attacked with this exploit, then report it here.

Reply

echo.defender
QUOTE(delivi @ Jul 1 2006, 10:39 PM) *

Thanks dude, this would have become a serious problem for the forumers. This will alert all the forum admins here and they'll definitely update. If any one of you has been attacked with this exploit, then report it here.


I did my good action of the day lol



Reply

uiop
Security exploits like this make me nervous. I used to run an old version of IPB (I only purchased one year or so of updates), but decided to quit using it because of all the new security vulnerabilities.

Are these forums updated?

Reply

echo.defender
QUOTE(Albus Dumbledore @ Jul 1 2006, 06:12 PM) *

this is why IPB has recently sent out a new update for this version of 2.1.6

http://forums.invisionpower.com/index.php?showtopic=219126

is the update in which they are talking about

and here is another IPB Error that was released yesterday... which people need to upgrade on

http://forums.invisionpower.com/index.php?showtopic=220787

it talks about uploading avatars that will cause cross site scripting...




:)

Reply


