1. We have moved from vBulletin to XenForo and you are viewing the site in the middle of the move. Though the functional aspect of everything is working fine, we are still working on other changes including the new design on Xenforo.
    Dismiss Notice

Hacking Vbulletin 3.8

Discussion in 'Ethical hacking' started by Yaewahmilan, Jul 12, 2009.

  1. Yaewahmilan

    Yaewahmilan New Member

    So, my buddy runs a server that is supported by Vbulletin 3.8.0 as of right now. He has a brute forcer trying for weeks now it seems which my buddy gloats that no one can get his username/password for admin abilities. Well, me being the good friend that I am want to prove him wrong. I'm not going to delete anything, I just want to log in take a screen shot email it to him showing that it is indeed possible.
    What is the best hackish way to go about retrieving this? The login-attempt after 5 passwords is enabled. Thanks!
     
  2. Hex00010

    Hex00010 New Member

  3. indiansword

    indiansword Security Expert

    In latest version, as if now, there are no publicly released vulnerabilities. However, there is one XSS vulnerability available in "my ads" plugin, where you can get the forum redirected to your own site. So you can redirect users to a phishing site.
     
  4. Hex00010

    Hex00010 New Member

    phising is by far the worst thign ever its gay as hell and u dont learn anything from it

    xss can kiss my *** there is not knowledge of having to learn about it all you do is just inject script commands into the url

    vbulletin i think has finally made it very secured due to all the **** tards releasing the exploits out to the public
     

Share This Page