Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #############################################################################
- # Exploit Title : vBulletin 4.2.5 Advanced User Tagging v3.1.3 Pro Open Redirection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 02/03/2019
- # Vendor Homepage : vbulletin.com ~ dragonbyte-tech.com
- # Software Information Link : dragonbyte-tech.com/store/advanced-user-tagging.20/
- ihax.fr/threads/advanced-application-forms-1-2-12.5493/
- # Software Affected Version : 3.1.3 Pro and Lite / All previous versions
- Compatible with vBulletin 3.8.x vBulletin 4.x.x
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Google Dorks :
- intext:Powered by vBulletin® Version 4.2.5 - Advanced User Tagging v3.1.3 (Pro)
- intext:User Alert System provided by Advanced User Tagging v3.1.3 (Pro) -
- vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
- intext:vBulletin Skins by Bluepearl Skins
- intext:Image resizer by SevenSkins
- # Vulnerability Type : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- #############################################################################
- # Description about Software :
- ***************************
- Advanced User Tagging is designed to increase activity on your forum by allowing
- members to mention each other in posts when talking about them.
- This is done in a very easy way, very similar to how Twitter mentions people.
- #############################################################################
- # Impact :
- *********
- This web application vBulletin 4.2.5 Advanced User Tagging v3.1.3 accepts a user-controlled
- input that specifies a link to an external site, and uses that link in a Redirect.
- This simplifies phishing attacks. An http parameter may contain a URL value and could cause
- the web application to redirect the request to the specified URL. By modifying the URL value
- to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
- Because the server name in the modified link is identical to the original site, phishing attempts
- have a more trustworthy appearance.
- Open redirect is a failure in that process that makes it possible for attackers to steer users to malicious websites.
- This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it.
- Web users often encounter redirection when they visit the Web site of a company whose name
- has been changed or which has been acquired by another company. Visiting unreal web page
- user's computer becomes affected by malware the task of which is to deceive the valid actor and steal his personal data.
- #############################################################################
- # Open Redirection Exploit :
- ************************
- /forum/redirect-to/?redirect=https://www.[REDIRECTION-ADDRESS].gov
- /redirect-to/?redirect=https://www.[REDIRECTION-ADDRESS].gov
- #############################################################################
- # Example Vulnerable Sites :
- *************************
- [+] ozmpsclub.com/forum/redirect-to/?redirect=https://cxsecurity.com/
- [+] forum.jokergaming.ir/redirect-to/?redirect=https://cxsecurity.com/
- #############################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- #############################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement