• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Eksploitasi CMS vBulletin 5.1.2 dengan Metasploit

November 19, 2015 by Jack Wilder Leave a Comment

Kali ini saya akan share tutorial eksploitasi vBulletin 5.1.2 dengan Metasploit. Meskipun saat ini vb sudah melakukan upgrade, namun masih banyak website yang belum mengupdate vb nya ke versi terbaru, jadi masih menyimpan celah.
Pertama, tambahkan module berikut ke metasploit :
https://dl.packetstormsecurity.net/1511-exploits/vbulletin_unserialize.rb.txt
Tutorialnya bisa dilihat disini :
Cara Menambahkan Exploit Baru ke Metasploit

Saat di load via msfconsole, ada beberapa opsi  yang perlu kalian set hanya RHOST dan TARGETURI.
TARGETURI isi dengan path vbulletin diistall, RHOST isi dengan host target / url .

Jika belum jelas, bisa lihat video tutorialnya berikut :
https://www.youtube.com/watch?v=SgTe0d30nqs

Shares

Filed Under: Uncategorized Tagged With: Exploit, Hacking, Metasploit

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Deface WordPress Dengan Exploit Archin WordPress Theme 3.2 Unauthenticated Configuration Access Vulnerability

WordPress Army Knife CSRF File Upload Vulnerability

Woocommerce Custom Tshirt Desginer CSRF Shell Upload Vulnerability

Command Injection Bypass Cheatsheet

Download 1n73ct10n / 1n73ction Privat Web Shell by X’1N73CT

DNS Hijacking through Social Engineering

MIME Type Sniffing pada Form Upload Gambar

WordPress Fraction Theme Version 1.1.1 Privilege Escalation

Tutorial Deface – Menutup Halaman Depan Situs Target dengan JS Overlay

Prestashop Module Blocktestimonial File Upload Auto Exploit

LinuxSec / 63 queries in 0.07 seconds