Jump to content
vBWarez - Rest In Peace

vBulletin Forum hacked with Zero Day vulnerability


Recommended Posts

[SIZE=4][CENTER]vBulletin Forum hacked with Zero Day vulnerability, caused Macrumors Forum Data breach[/CENTER][/SIZE]

[CENTER][img]http://4.bp.blogspot.com/-3cbQOf9p11Q/UojQIv7fr0I/AAAAAAAAY2I/f_nnnm64vtI/s728/vBulletin+Forum+hacked+with+Zero+Day+vulnerability,+caused+Macrumors+Forum+Data+breach.jpg[/img][/CENTER]

Last Tuesday, Popular Mac news website MacRumors's user forums was hacked and forum database has been compromised including the username, email and passwords belonging to all 860,000 registered users.


Yesterday, Inj3ct0r Team of Exploit Database website 1337Day claimed the responsibility for the hack and also claimed that they have also hacked the official website of vBulletin Forum using a Zero Day exploit

[QUOTE]"Macrumors.com was based on vBulletin CMS. We use our 0day exploit vBulletin, got password moderator. 860000 user data hacked too. The network security is a myth" [/QUOTE]he told me.

During the conversation, team leader told me that he has discovered a Zero Day Remote Code Execution vulnerability in vBulletin v4.x.x and 5.х.x, that allows an attacker to execute arbitrary code on the server end remotely.

On their exploit marketplace they are also selling this zero day exploitwith Shell Upload payload at $7000 USD. [QUOTE]"We found a critical vulnerability in all vBulletin versions 4.x.x and 5.х.x. We have successfully uploaded our shell on the official vbulletin server and dumped their database after getting root access. All those wishing to buy this vulnerability and patch their forums can get the exploit from our site."[/QUOTE] he added.

For proof of concept, they have shared some screenshots of vBulletin database and server shell, as shown below:
[img]http://4.bp.blogspot.com/-ZP-mwKb5Scw/UojI8Fhs2lI/AAAAAAAAY1Q/DSE33n4ah8I/s728/vBulletin+Forum+hacked+db.png[/img]
[img]http://1.bp.blogspot.com/-dSa8VbU8dPU/UojI8ZUbk9I/AAAAAAAAY1U/3JRP4V6sDPY/s728/vBulletin+Forum+hacked+shell.png[/img]
[img]http://3.bp.blogspot.com/-Rqx2pJAjduU/UojI9hbQ5YI/AAAAAAAAY1w/WuwWnOMhFPk/s728/vBulletin+Forum+hacked+users3.png[/img]

Source:
[CODE]http://thehackernews.com/2013/11/vBulletin-hacked-Zero-Day-vulnerability.html[/CODE]


The official vBulletin team also admitted the breach and issued a via e-mail and company forum post, urged customers to change their passwords as soon as possible.

[QUOTE]"Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password."[/QUOTE]

And i am waiting desperately for the fix
  • Like 2
Link to post
Share on other sites
[quote name='wajiman'][SIZE=4][CENTER]vBulletin Forum hacked with Zero Day vulnerability, caused Macrumors Forum Data breach[/CENTER][/SIZE]

[CENTER][img]http://4.bp.blogspot.com/-3cbQOf9p11Q/UojQIv7fr0I/AAAAAAAAY2I/f_nnnm64vtI/s728/vBulletin+Forum+hacked+with+Zero+Day+vulnerability,+caused+Macrumors+Forum+Data+breach.jpg[/img][/CENTER]

Last Tuesday, Popular Mac news website MacRumors's user forums was hacked and forum database has been compromised including the username, email and passwords belonging to all 860,000 registered users.


Yesterday, Inj3ct0r Team of Exploit Database website 1337Day claimed the responsibility for the hack and also claimed that they have also hacked the official website of vBulletin Forum using a Zero Day exploit

he told me.

During the conversation, team leader told me that he has discovered a Zero Day Remote Code Execution vulnerability in vBulletin v4.x.x and 5.х.x, that allows an attacker to execute arbitrary code on the server end remotely.

On their exploit marketplace they are also selling this zero day exploitwith Shell Upload payload at $7000 USD. he added.

For proof of concept, they have shared some screenshots of vBulletin database and server shell, as shown below:
[img]http://4.bp.blogspot.com/-ZP-mwKb5Scw/UojI8Fhs2lI/AAAAAAAAY1Q/DSE33n4ah8I/s728/vBulletin+Forum+hacked+db.png[/img]
[img]http://1.bp.blogspot.com/-dSa8VbU8dPU/UojI8ZUbk9I/AAAAAAAAY1U/3JRP4V6sDPY/s728/vBulletin+Forum+hacked+shell.png[/img]
[img]http://3.bp.blogspot.com/-Rqx2pJAjduU/UojI9hbQ5YI/AAAAAAAAY1w/WuwWnOMhFPk/s728/vBulletin+Forum+hacked+users3.png[/img]

Source:
[CODE]http://thehackernews.com/2013/11/vBulletin-hacked-Zero-Day-vulnerability.html[/CODE]


The official vBulletin team also admitted the breach and issued a via e-mail and company forum post, urged customers to change their passwords as soon as possible.



And i am waiting desperately for the fix[/QUOTE]

There is no zero day vuln. It was just rumors:lol:
Link to post
Share on other sites
  • 1 month later...
  • 1 year later...
  • 11 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...