So, my buddy runs a server that is supported by Vbulletin 3.8.0 as of right now. He has a brute forcer trying for weeks now it seems which my buddy gloats that no one can get his username/password for admin abilities. Well, me being the good friend that I am want to prove him wrong. I'm not going to delete anything, I just want to log in take a screen shot email it to him showing that it is indeed possible. What is the best hackish way to go about retrieving this? The login-attempt after 5 passwords is enabled. Thanks!
i guesss u dont know how to do research? http://www.google.com/search?q=expl...s=org.mozilla:en-US:official&client=firefox-a
In latest version, as if now, there are no publicly released vulnerabilities. However, there is one XSS vulnerability available in "my ads" plugin, where you can get the forum redirected to your own site. So you can redirect users to a phishing site.
phising is by far the worst thign ever its gay as hell and u dont learn anything from it xss can kiss my *** there is not knowledge of having to learn about it all you do is just inject script commands into the url vbulletin i think has finally made it very secured due to all the **** tards releasing the exploits out to the public