# ./start # # Discovered by Seph1roth on June 2007 (was priv8) # # Vulnerable: Simple Machine Forum [ALL Versions] # # Visit: http://www.blackroots.it - Best hacking site. # # Description: If smf has index.php?action=admin in .htaccess ,i can bypass that by typing in the url some variable of administration panel : example: index.php?action=admin (.htaccess,then access denied) index.php?action=membergroups (accessible) index.php?action=news (accessible) index.php?action=featuresettings (accessible) ...and others... i can bypass and enter the administration by typing the accessible variables in the url... # Greets to all BlackRoots Users # # Shoutz to all kiddies # # ./end
