vBulletin 4.1.x and 5.x.x 0day Exploit

The 1337 hacker released the exploit for vBulletin 4.1.x and 5.x.x on madleets. The major forums hacked by 1337 hacker using the exploit are DirectAdmin, Suse, Siasat Pk, HostDime, ProPakistani and HostMonster.
Details of vBulletin 4.1.x and 5.x.x exploit released by the hacker:
  1. Find a vBulletin 4 or 5 target
  2. Make sure it has a /install/upgrade.php file in it
  3. Go to site.com/install/upgrade.php, right-click the page and view the source code. Find var CUSTNUMBER =
  4. Once found, copy it
  5. Upload this code onto a server: http://pastebin.com/7FfDZuDk
  6. Once uploaded, open the file
  7. After that, paste that CUSTNUMBER into the Customer I.D box (It will be something like 9c4818514a74338f980793e7426b2fb1)
  8. Fill in the other boxes such as site URL, Username, Password and Email.
  9. Once done, click Inject Admin and let the page load
  10. That's all; now go to the forum and log in with the login details which you injected the site with.
How to patch the bug:
Remove the install directory.
  • 4.X – /install/
  • 5.X – /core/install
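
To confirm the install directory is gone and to see whether anyone reached it beforehand, the web server access log can be checked for requests to the two paths above. The following is an added example, not part of the original post; it assumes the common/combined access-log format, and the sample log lines are constructed.

```python
import re
from collections import defaultdict

# Installer paths named in this post: 4.x uses /install/, 5.x uses /core/install.
# search() is used so forums installed in a subdirectory are also covered.
INSTALL_PATH = re.compile(r"/(?:core/)?install(?:/|$)", re.IGNORECASE)

# Common/combined access-log format (assumption; adjust for your server).
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def scan_access_log(lines):
    """Return {client_ip: [(timestamp, method, path, status, exposed), ...]}
    for every request that touched a vBulletin installer path."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = m["path"].split("?", 1)[0]  # ignore the query string
        if not INSTALL_PATH.search(path):
            continue
        status = int(m["status"])
        # A 2xx answer means the installer is still deployed and reachable.
        exposed = 200 <= status < 300
        hits[m["ip"]].append((m["ts"], m["method"], path, status, exposed))
    return dict(hits)

def exposed_clients(hits):
    """Client IPs that received a successful response from the installer."""
    return sorted(ip for ip, reqs in hits.items() if any(r[4] for r in reqs))

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2013:13:55:36 +0000] "GET /install/upgrade.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [10/Oct/2013:13:56:02 +0000] "GET /install/ HTTP/1.1" 200 312',
    '203.0.113.9 - - [10/Oct/2013:14:01:11 +0000] "GET /core/install/upgrade.php HTTP/1.1" 404 209',
    '192.0.2.44 - - [10/Oct/2013:14:02:40 +0000] "GET /forum.php?install=1 HTTP/1.1" 200 20480',
]

if __name__ == "__main__":
    found = scan_access_log(SAMPLE_LOG)
    for ip, reqs in found.items():
        for ts, method, path, status, exposed in reqs:
            print(ip, ts, method, path, status, "EXPOSED" if exposed else "not served")
    print("clients served by installer:", exposed_clients(found))
```

Any client listed as served by the installer before the directory was removed is a reason to review the forum's administrator accounts.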

Milan Tomic
