lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CADe7mMf3sb_XtYzS-DOq1zWs4HFg-0PpV5_VR_SrDv21mz9kEA@mail.gmail.com>
Date: Thu, 30 Aug 2012 03:25:40 -0700
From: kaveh ghaemmaghami <kavehghaemmaghami@...glemail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: vBulletin and MyBB Vulnerability

How I hijacked users, username and password with posting an image link
in vBulletin and MyBB

Vulnerability details:
I have posted an image link from my web site the image link that I
have posted is protected by basic authentication. I am authenticated
to the protected image folder that I am going to post which means I
can post the link and it will load from forum to me because I am
Authenticated to the protected file but others not. This is the point,
when a vBulletin based forum  trying to load my posted image to users
who trying to read my post a logging massage box going to prompt and
requiring them for logging again with their username and password and
when they fill up prompted massage box with their username and
password I was able to hijack their username and password.

check out attached image

cheers
coolkaveh

Download attachment "aut.jpg" of type "image/jpeg" (21728 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ