• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Eksploitasi CMS vBulletin 5.1.2 dengan Metasploit

November 19, 2015 by Jack Wilder Leave a Comment

Kali ini saya akan share tutorial eksploitasi vBulletin 5.1.2 dengan Metasploit. Meskipun saat ini vb sudah melakukan upgrade, namun masih banyak website yang belum mengupdate vb nya ke versi terbaru, jadi masih menyimpan celah.
Pertama, tambahkan module berikut ke metasploit :
https://dl.packetstormsecurity.net/1511-exploits/vbulletin_unserialize.rb.txt
Tutorialnya bisa dilihat disini :
Cara Menambahkan Exploit Baru ke Metasploit

Saat di load via msfconsole, ada beberapa opsi  yang perlu kalian set hanya RHOST dan TARGETURI.
TARGETURI isi dengan path vbulletin diistall, RHOST isi dengan host target / url .

Jika belum jelas, bisa lihat video tutorialnya berikut :
https://www.youtube.com/watch?v=SgTe0d30nqs

Filed Under: Uncategorized Tagged With: Exploit, Hacking, Metasploit

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Laravel PHPUnit Remote Code Execution

bWAPP Remote File Inclusion Medium Security Level

RCE pada Redis via Master-Slave Replication

WordPress Plugin CopySafe PDF Protection Shell Upload

Exploit Drupal Core 7.x Auto SQL Injection dan Upload Shell

FastMail Custom Domain or Subdomain Takeover

Exploit WPStore Themes Upload Vulnerability

Prestashop Module Blocktestimonial File Upload Auto Exploit

Bruteforce FTP Login dengan Metasploit Module FTP Authentication Scanner

Command Injection Bypass Cheatsheet

LinuxSec / 15 queries in 0.14 seconds