phpBB 2.0.13 released – dumb*ss coders strike again

This post was imported from an old blog archive, and predates the creation of AdamCaudill.com

In the latest round of embarrassing updates, the phpBB Group has released a new version of phpBB, 2.0.13, to fix a large, and obvious security error allow anyone to gain admin rights, oh, just to make it better, it works on all version < 2.0.13. With a POC floating around, let the hacking begin.

Update: A working exploit was released, showing just how simple it is to wreak havoc.

This is yet another blow to phpBB, it’s had a number of recent issues like this, makes you wonder how long it’ll take for them to actually take security seriously.

Exploit:
“An exploit is not required.

The following proof of concept demonstrating cookie values necessary to authenticate to the numerical id ‘2’ account, typically the administrator account, is available:

a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D
(Source)”

References:

PHPBB Authentication Bypass Vulnerability
phpBB 2.0.13 released – Critical Update