[nycphp-talk] Bypassing Registration forms on vBulletin forums ... I guess other forums are having similar problem too?
Ben Sgro
ben at projectskyline.com
Wed Jun 10 13:34:16 EDT 2009
haha sorry - email client went crazy!
Ben Sgro wrote:
> Hey,
>
> Have you searched for exploits for this 3.7 version? Who knows, maybe
> something is public and hasn't been patched yet. Also, I'd do a little
> research and see if someone is distributing some kind of vBulletin pwnage
> attack suite or similar. If you can find something, dig through the source
> and I'm sure you can secure against such attacks.
>
> I can't imagine there are tons of 0days for this type of stuff
> sitting around... it's got to surface sooner or later.
>
> Also, maybe you could log all SQL queries (if you feel it's SQL
> injection) - you'll quickly find the offending query. However, I find
> it hard to believe that any modern, up-to-date web application is not
> using bound queries. But who knows. I have zero experience with vBulletin.
>
> Another option would be to set up a honeypot with vBulletin on it.
> You'll find the exploit with that, probably rather quickly, but this
> does require a good amount of effort if you're new to honeypots.
>
> Good luck - and let us know,
>
> - Ben
>
> Brian Williams wrote:
>> If it has only started happening with the latest version, I would
>> check the vBulletin forums and see if there is a fix for the bug, or
>> even just make sure they know about it.
>>
>>
>>
>> On Tue, Oct 14, 2008 at 11:48 AM, <mikesz at qualityadvantages.com
>> <mailto:mikesz at qualityadvantages.com>> wrote:
>>
>> Hello Brian,
>>
>>
>> Thanks for the reply...
>>
>>
>> I only work on vBulletin and I always make sure I have the latest
>> stuff installed. Earlier versions didn't have this problem, but since
>> 3.7 it seems like the bad guys have found a way to just bypass the
>> whole registration process. Like I said in the previous post, with
>> captcha and moderation turned on, they still end up in the
>> "registered" member queue. I have not a clue how they got there.
>>
>>
>> I am trapping $_REQUEST to retrieve as much as I can from the form
>> submission to try to analyze what's going on, the software is
>> indeed using $_POST, sorry for the miscommunication.
>>
>>
>> --
>> Best regards,
>>
>> mikesz
>> mailto:mikesz at qualityadvantages.com
>>
>>
>> _______________________________________________
>> New York PHP Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> NYPHPCon 2006 Presentations Online
>> http://www.nyphpcon.com
>>
>> Show Your Participation in New York PHP
>> http://www.nyphp.org/show_participation.php
>>
>>
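Two ideas from the thread, mikesz trapping the registration submission for analysis and Ben suggesting that the offending request be logged rather than guessed at, can be combined in a small audit hook on the registration handler. The following PHP is an added example written for this thread; it is not vBulletin code, and the field names, the log path and the `auditRegistrationRequest` function are assumed placeholders. It records what the client actually sent, flags submissions that arrive without the fields a real form post would carry (captcha answer, agreement checkbox), and flags non-POST requests, since a handler that reads `$_REQUEST` would also accept those fields from the query string or a cookie.

```php
<?php
// Added example, not vBulletin's own code. Field names, log path and the
// function name are assumptions; adapt them to the real form.

const REG_LOG = '/var/log/registration_audit.log';                 // assumed path
const EXPECTED_FIELDS = ['username', 'email', 'captcha_answer', 'agree']; // assumed names

/**
 * Record one registration submission and return the audit record.
 * $post and $server are passed in (normally $_POST and $_SERVER) so the
 * function can be exercised offline with constructed input.
 */
function auditRegistrationRequest(array $post, array $server): array
{
    // Fields a browser submitting the real form would always include.
    $missing = array_values(array_diff(EXPECTED_FIELDS, array_keys($post)));

    // Never write secrets to disk: replace password-like fields with a hash,
    // and truncate everything else so a huge payload cannot fill the log.
    $safe = [];
    foreach ($post as $key => $value) {
        if (stripos((string)$key, 'pass') !== false) {
            $safe[$key] = 'sha256:' . hash('sha256', (string)$value);
        } else {
            $safe[$key] = is_string($value) ? substr($value, 0, 200) : json_encode($value);
        }
    }

    $method = $server['REQUEST_METHOD'] ?? '-';
    $record = [
        'ts'          => gmdate('c'),
        'ip'          => $server['REMOTE_ADDR'] ?? '-',
        'method'      => $method,
        'not_post'    => ($method !== 'POST'),   // fields arrived via GET/cookie?
        'ua'          => substr($server['HTTP_USER_AGENT'] ?? '-', 0, 200),
        'referer'     => $server['HTTP_REFERER'] ?? '-',
        'missing'     => $missing,               // fields a real form post would carry
        'fields'      => $safe,
    ];

    // One JSON object per line keeps the log easy to grep and to diff
    // against legitimate registrations.
    file_put_contents(REG_LOG, json_encode($record) . "\n", FILE_APPEND | LOCK_EX);
    return $record;
}

// Constructed sample: a submission that skipped the captcha and agreement
// fields entirely, the pattern described in the thread.
$sampleServer = ['REQUEST_METHOD' => 'POST', 'REMOTE_ADDR' => '192.0.2.10',
                 'HTTP_USER_AGENT' => 'constructed-sample'];
$samplePost   = ['username' => 'spambot', 'email' => 'x@example.invalid',
                 'password' => 'hunter2'];

$audit = auditRegistrationRequest($samplePost, $sampleServer);
if ($audit['missing'] !== [] || $audit['not_post']) {
    // In the real handler: refuse the registration here and keep the record
    // for comparison with entries that do reach the moderation queue.
    echo "Suspicious registration: missing " . implode(',', $audit['missing']) . "\n";
}
```

Put the call at the very top of the registration script, before any of the form's own processing runs, so the log shows the raw submission even when later code rewrites or drops fields. Comparing the `missing` and `not_post` flags of entries that end up in the "registered" queue against entries from known-good signups narrows down which check is being skipped. Ben's other suggestion, logging every SQL statement, is available on the database side without touching the application (MySQL's general query log), which makes it a useful second channel if the form data itself looks clean.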