Sunday, October 20, 2013

|| VBulletin upgrade.php Scanner and Admin Injector ||

by Unknown

You must have heard about the VB upgrade bug, which has been in wild for the past few days. Some opportunists defaced some popular forums using this same bug. Many sites have been patched but still there's plenty of fish in the sea, if you use the right dorks.

Well, I have coded a hunter (PHP tool/script) for that bug. This scripts takes a Google dork from the user and searches for vulnerable VBulletin forums on google and gives you an option to inject an administrator account there.

Main features:
x. Search Google results up to 50 pages.
x. Check each directory (for forums using weird URLs using VBSEO, etc)
x. Targets nulled VB scripts (irrelevant to this bug)
x. Show Alexa rank of vulnerable websites.
x. Single-click administrator account injector.
x. Save vulnerable sites along with alexa rank as 0wn3dLogs.txt
And more...

Here is the screenshot of this PHP tool in action:
I recommend it to use on localhost (Xampp, etc) using proxy. After 10 - 20 scans, Google will backlist your I.P. So you can just change the proxy.
https://www.dropbox.com/s/xg1vyerzcptjcrz/g00n.php
https://www.dropbox.com/s/tpgzf7meedhl2yr/addAdmin.php

Download both files
source:-xploiter.net

About Admin
Hello Myself Avinash the owner of Hackerzadda.com. This is one stop solution site for all your tech and hack realted queries.You will find answer to all your web hack related quries here.

1 comment:

  1. AnonymousOctober 21, 2013 at 11:21 PM

    It gives an error

    Fatal error: Call to undefined function curl_init() in ***
    where *** refers to the file location of g00n.php on my drive

    Need solution for this !

    ReplyDelete