=================vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability |
=============== |
010101010101010101010101010101010101010101010101010101010 |
0 0 |
1 Iranian Datacoders Security Team 2010 1 |
0 0 |
010101010101010101010101010101010101010101010101010101010 |
|
# Exploit Title: vBulletin 3.8.4 & 3.8.5 Around Registration Vulnerability |
# Date: 29/08/2010 |
# Author: Immortal Boy |
# Software Link: http://www.vbulletin.org |
# Version: 3.8.4 & 3.8.5 |
# Google dork 1 : powered by vBulletin 3.8.4 |
# Google dork 2 : powered by vBulletin 3.8.5 |
# Platform / Tested on: Multiple |
# Category: webapplications |
# Code : N/A |
|
# BUG : #### |
|
1 > Go to Http://[localhost]/path/register.php |
2 > Assume that forum admin user name is ADMIN |
3 > Type this at User Name ===> ADMIN� |
4 > � is an ASCII Code |
5 > And complete the other parameters |
6 > Then click on Complete Registrarion |
7 > Now you see that your user name like admin user name |
|
After this time the private messages to the user (ADMIN) to sending see for you is sending . |
# Patch : ################# |
1 > Go to AdminCP |
2 > Click on vBulletin Options and choose vBulletin Options |
3 > Choose Censorship Options |
4 > type &# in Censored Words section |
5 > Then click on Save |
####################### |
Our Website : http://www.datacoders.ir |
|
Special Thanks to : H-SK33PY , NEO , Sp|R|T , BigB4NG , 3r1ck , Dr.mute , |
hosinn , NIK , uones , mohammad_ir & all iranian datacoders members |
|
#################
