vBulletin x.x.x Customer Area 0day

At least, that’s what the title says on inj3ct0rs.com

Price was $150
Date added on the marketplace there:21/02/2013
The exploit has now been removed.. pity

Perl version

PHP version

This “exploit” is nothing more than a regex on the file: “/install/finalupgrage.php” or “/install/upgrade.php” or “/install/update.php”

If you have a look on the source of those files you can clearly see
var CUSTNUMBER = “336a1e54ff1528f897be111edf3da3d7″;
which is the md5 of the customer’s number(used to access vBulletin.com members area), a 12-character uppercase string
Once cracked(have fun doing that) then you can re-install the forum and access the administrators area.

According to vBulletin

A customer number is a unique number allocated to everyone who purachses a vBulletin license. The customer number, along with a password is required to access the vBulletin Members’ Area.

I don’t really know which vB release versions are “really” affected by the “exploit” but i would assume nulled ones

Leave a Reply

Your email address will not be published. Required fields are marked *