Monday 15 April 2013

[EN] SMF 2.0.4 - PHP Injection

I found a great possibility to exploit latest SMF.

There is a PHP Injection vulnerability. This could be exploited by CSRF attack.

If you need details, feel free to send me an email because for now p0c won't be public. ;)

11 comments:

  1. can you plz share it with me plz
    pratikanand143@gmail.com

    ReplyDelete
  2. Hey bro can you pleas help me with it
    contact me- rahul_funsearch@hotmail.com

    ReplyDelete
  3. Send me an email admin is a very important issue urgent? mail horrible2134@hotmail.com

    ReplyDelete
  4. codeinjector007[at]gmail.com
    thanks! :)

    ReplyDelete
  5. Enjoy. ;)

    But remember: use it only to legal tests.

    Cheers
    o/

    ReplyDelete
  6. thanks please share, jwhite048[at]gmail.com

    ReplyDelete
  7. send to alx_noname@mail.ru, please

    ReplyDelete
  8. alx, Anonymous, and all other dudes who sent me an email about this code. ;]

    This code is public. At this blog also... ;]

    Have fun.

    Only legal. ;]

    o/

    ReplyDelete
  9. How I can get admin hash?

    ReplyDelete
  10. Check it out:
    http://hauntit.blogspot.com/2013/04/en-p0c-php-injection-in-smf-204.html

    ReplyDelete
  11. This comment has been removed by the author.

    ReplyDelete

What do You think...?