You can still get cookies from ANY USER (even Admin) with the current version of bb2nuke 2.0.18
By placing 2 files on a webserver, 1 called cookies.php and 1 called cookies.txt, and chmodding them to 777, you can post a code IN ANY AREA of your forums to get a cookie of the user viewing that code. The color code in the exploit code can be set to be hidden on the forum by changing the color code to be the background color of the post background to make it invisible. You can add this code to an image, private message, your signature, ANYWHERE.... and it will send any user's cookie to your webserver.
ANYONE who visits this thread, with the url in the code updated (I have replaced the webserver/ftp address with YOUR WEBSERVER ADDRESS HERE.com so it doesn't work on this forum) WITH Internet Explorer, will send their cookie to the web address in the code.
Now all you need to do, is, go to your ftp/webserver and open the cookies.txt and you have ALL the sessions/cookie of anyone who viewed the code.
PLEASE FIX THIS or tell me where to get the patch for this exploit for bb2nuke 2.0.18.
My Forums are upgraded to bb2nuke 2.0.18 and IT STILL WORKS!
I was hacked recently WITH THIS EXPLOIT.
You can adjust the color codes in the upper code, so it matches the forum background.
If I am to understand this one correctly, the two cookie files must be on your server and not on the one you want to pull cookies from, correct? Else how would you get them into the other person's site?
Note the change to the address to point to the hacker's webserver called www.IwantToStealYourCookies.com...
Now all I have to do is put that malicious code ANYWHERE on ANY PHPBB forum (or BB2NUKE port) and when a user "views" the page where that code is, it will steal their cookie, and send it to cookies.php on the hacker's webserver, then store the cookie in cookies.txt also on the hacker's webserver....
BTW I can also make the code invisible by adjusting the color code in the malicious code to MATCH the background of the forum I am attacking so no one will see the actual code, but IE will see it and give me your cookie.
This exploit was found by hackers in PHPBB version 2.0.16, and it STILL works in PHPBB versions 2.0.16, 2.0.17, 2.0.18 and all BB2Nuke ports of the same versions also.
CHATSEV, PLEASE help us disable against this terrible flaw! It is VERIFIED AND WORKING with bb2nuke 2.0.18 RIGHT NOW on my site.
How and WHERE do I update my 2.0.18 files to make this code not work on our site? I would like to know what php files are modified to return the "Bad_tag" code?
This would help me out tremendously, as we have had several attacks in the last days with this exploit, and we are at BB2nuke ver 2.0.18...
Is there an additional patch to 2.0.18 I am unaware of?
Download 2.0.18 again and grab includes/functions_post.php
and modules/Private_Messages/index.php
It is not an actual fix but it's a workaround until proper filtering is added or the phpbb group releases 2.0.19, which shouldn't be too far away seeing as 2.0.18 was a mess.