vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability
===============================================================
vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability |
=============================================================== |
010101010101010101010101010101010101010101010101010101010 |
1 Iranian Datacoders Security Team 2010 1 |
010101010101010101010101010101010101010101010101010101010 |
# Exploit Title: vBulletin 3.8.4 & 3.8.5 Around Registration Vulnerability |
# Software Link: http://www.vbulletin.org |
# Google dork 1 : powered by vBulletin 3.8.4 |
# Google dork 2 : powered by vBulletin 3.8.5 |
# Platform / Tested on: Multiple |
# Category: webapplications |
# BUG : ######################################################################### |
1 > Go to Http://[localhost]/path/register.php |
2 > Assume that forum admin user name is ADMIN |
3 > Type this at User Name ===> ADMIN� |
4 > � is an ASCII Code |
5 > And complete the other parameters |
6 > Then click on Complete Registrarion |
7 > Now you see that your user name like admin user name |
After this time the private messages to the user (ADMIN) to sending see for you is sending . |
# Patch : ####################################################################### |
2 > Click on vBulletin Options and choose vBulletin Options |
3 > Choose Censorship Options |
4 > type &# in Censored Words section |
############################################################################# |
Our Website : http://www.datacoders.ir |
Special Thanks to : H-SK33PY , NEO , Sp|R|T , BigB4NG , 3r1ck , Dr.mute , |
hosinn , NIK , uones , mohammad_ir & all iranian datacoders members
![[Tutorial] XSS Bài 2: XSS Nâng cao + Bypass bộ lọc](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixEoUmpwXUmG6BwNUxkp2bx9LwFoIovVmTOD9ZZ_owzNehJ3jW-beXvaWzjpu7tCCpOzOkzIxz-wIwL9Dt8_YxyKl604U03Hd3Z1E3mlDvIB0u0IIf-WtvpXRfkgSv0Y9BzB9EkC6J0uI/s72-c/70.jpg)
Không có nhận xét nào:
Đăng nhận xét