Posted January 29, 200520 yr on this site. http://www.nofrag.com/ (i know its in french but still thats not hard to find your way on it) http://www.nofrag.com/compte/nouveau/ to create an account.
January 29, 200520 yr Good old google http://translate.google.com/translate?u=http%3A%2F%2Fwww.nofrag.com%2F&langpair=fr%7Cen&hl=en&safe=off&c2coff=1&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools
January 29, 200520 yr Pretty hard task, as I dont understand french and it uses these temporary paths instead of direct PHP? calls. Maybe a possible entry point for an exploit could be: http://www.nofrag.com/image.php? or http://www.nofrag.com/forum/member.php? Havent found a working exploit yet. Also they´re not vulnerable to the img code flaw. Maybe this exploit can be used: http://www.securityfocus.com/bid/11900/exploit/, but havent gotten it to work yet.
January 30, 200520 yr Author ya its homemade php script i dont think any known exploit works on this site
January 30, 200520 yr DKay']ya its homemade php script i dont think any known exploit works on this site Who knows? looks like there is much code from UBB used. But I also fear you´ll need to find a custom exploit.
January 30, 200520 yr Author http://www.nonerd.net/ is the place where all the adminisrative shit is. Maybe some phpMyAdmin exploits such as this one would work
