Tuesday, January 2, 2018

vBulletin x x x Customer Area Hacking 0day FOCSoft

vBulletin x x x Customer Area Hacking 0day FOCSoft


Asslam O Alikum Friends,..


Today Is Our Hacking Topic Is(vBulletin x.x.x Customer Area)

1st find a vBulletin 4 or 5 target
2) Make sure it has a /install/upgrade.php file in it
3) Go to site.com/install/upgrade.php and right click the page and see source code.
Find var CUSTNUMBER =
4) Once found , copy it
5) Then open http://pastebin.com/ZTEC6tgr

save as .php and upload to any host
6) After that paste that CUSTNUMBER into the Customer I.D box (It will be something like 9c4818514a74338f980793e7426b2fb1)
7) Fill in the other boxs such as site URL, Username, Password and Email.
8) Once done, click Inject Admin and let the page load
9) Thats all, now go to the forum and login with the login details which you injected the site with.

Have fun

How to patch the bug ? Remove the install dir

                          Regards
TEAM_CC (Cyber Commondos)


visit link download

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.