Upload
344

Subscription preferences

Loading...

Loading icon Loading...

Working...

maxel3g3nd

vBSEO XSS Trojan - EvilWebTool

14,915 views 3 years ago
This video demonstrates a recently created tool (EvilWebTool) which abuses a flaw in vBSEO (persistent cross-site scripting), allowing an attacker to inject persistent scripts into the linkback moderation queue.

When an administrator views the moderation queue, an external payload (written in javascript) is loaded directly into the browser window silently, where it without user interaction performs a hidden request to add a new payload to vBulletin, containing PHP Code which the attacker specified in the tool.

You can download this tool at Exploit-DB and maybe, at InterN0T as well.


Check out www.intern0t.net , www.exploit-db.com and twitter.com/intern0t !

If you're more an IRC guy, check out: #exploitdb and #intern0t on irc.freenode.org ! Show less
Read more

MaXe Random 001 Play

Random music chosen between some of my favorite and generally liked tracks. Please note there is no general style and that it switches from track to track.
Loading...
Working...
to add this to Watch Later

Add to