Zeroq12
Сообщений: 6
Оценки: 0
Присоединился: 2010-06-28 16:48:15.146666
|
Привет всем! Вот столкнулся с проблемой - использую сплойт для ипб 2.3.5 Заливаю сплойт на хостинг с поддержкой пхп5, запускаю и в ответ следующее Invision Power Board <= 2.3.5 Multiple Vulnerabilities —————————————————— About: by DarkFig < gmdarkfig (at) gmail (dot) com > http://acid-root.new.fr/ #acidroot@irc.worldnet.net Attack(s): -attack [options] 1 - PHP code execution -url IPB url with ending slash -uname targeted username -uid OR the targeted user id (def: 1) -prefix sql table prefix (def: ibf_) -acp admin control panel path (def: admin) 2 - Insecure SQL password usage -ip your current IP -dict a wordlist file -url IPB url with ending slash -uname a valid member username -pwd the associated password -uid OR the targeted member id -passhash the passhash cookie value -stronghold the stronghold cookie value -sqlusr you can precise the sql user -prefix sql table prefix (def: ibf_) 3 - Password bruteforcer -dict a wordlist file -url IPB url with ending slash -uname targeted username -uid OR the targeted user id (def: 1) -prefix sql table prefix (def: ibf_) -passhash OR the passhash value -salt the salt value Optional: -proxhost if you wanna use a proxy -proxauth proxy with authentication скорее всего не заполнены след строчки в самом сплойте # Advisory: http://acid-root.new.fr/?0:18 print "\n Invision Power Board <= 2.3.5 Multiple Vulnerabilities"; print "\n ——————————————————"; print "\n\n About:"; print "\n\n by DarkFig < gmdarkfig (at) gmail (dot) com >"; print "\n http://acid-root.new.fr/"; print "\n #acidroot@irc.worldnet.net"; print "\n\n\n Attack(s):\n"; return; } function usage() { print "\n -attack <int_choice> <params> [options]\n\n"; print " 1 - PHP code execution\n\n"; print " -url IPB url with ending slash\n\n"; print " -uname targeted username\n"; print " -uid OR the targeted user id (def: 1)\n\n"; print " -prefix sql table prefix (def: ibf_)\n"; print " -acp admin control panel path (def: admin)\n\n\n"; print " 2 - Insecure SQL password usage\n\n"; print " -ip your current IP\n"; print " -dict a wordlist file\n\n"; print " -url IPB url with ending slash\n"; print " -uname a valid member username\n"; print " -pwd the associated password\n\n"; print " -uid OR the targeted member id\n"; print " -passhash the passhash cookie value\n"; print " -stronghold the stronghold cookie value\n\n"; print " -sqlusr you can precise the sql user\n"; print " -prefix sql table prefix (def: ibf_)\n\n\n"; print " 3 - Password bruteforcer\n\n"; print " -dict a wordlist file\n\n"; print " -url IPB url with ending slash\n"; print " -uname targeted username\n"; print " -uid OR the targeted user id (def: 1)\n"; print " -prefix sql table prefix (def: ibf_)\n\n"; print " -passhash OR the passhash value\n"; print " -salt the salt value\n\n\n"; print " Optional: \n\n"; print " -proxhost <ip> if you wanna use a proxy\n"; print " -proxauth <usr:pwd> proxy with authentication\n"; exit(1); } а вот что и как писать тут я не могу понять. Покажите пожалуйста что и как с комментами.
|