[Bug VBB]vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability

===============================================================

vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability
===============================================================
   010101010101010101010101010101010101010101010101010101010  
   0                                                       0
   1  Iranian Datacoders Security Team 2010                1
   0                                                       0
   010101010101010101010101010101010101010101010101010101010
 
# Exploit Title: vBulletin 3.8.4 & 3.8.5 Around Registration Vulnerability
# Date: 29/08/2010                           
# Author: Immortal Boy                    
# Software Link: http://www.vbulletin.org
# Version: 3.8.4 & 3.8.5
# Google dork 1 : powered by vBulletin 3.8.4
# Google dork 2 : powered by vBulletin 3.8.5
# Platform / Tested on: Multiple
# Category: webapplications
# Code : N/A
 
#  BUG :  #########################################################################
 
1 > Go to Http://[localhost]/path/register.php
2 > Assume that forum admin user name is ADMIN
3 > Type this at User Name ===> ADMIN&#00
4 > &#00 is an ASCII Code
5 > And complete the other parameters
6 > Then click on Complete Registrarion
7 > Now you see that your user name like admin user name
 
After this time the private messages to the user (ADMIN) to sending see for you is sending .
#  Patch :  #######################################################################
1 > Go to AdminCP
2 > Click on vBulletin Options and choose vBulletin Options
3 > Choose Censorship Options
4 > type &# in Censored Words section
5 > Then click on Save
#############################################################################
Our Website : http://www.datacoders.ir
 
Special Thanks to : H-SK33PY , NEO , Sp|R|T , BigB4NG , 3r1ck , Dr.mute ,
hosinn , NIK , uones , mohammad_ir &  all iranian datacoders members
 

#############################################################################

About securityforall

it, smile, share for people,...

Posted on June 24, 2012, in All Bug Collection. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: