===============================================================
vBulletin 3.8.4&3.8.5 Registration Bypass Vulnerability
===============================================================01010101010101010101010101010101010101010101010101010101000
1Iranian Datacoders Security Team 2010100010101010101010101010101010101010101010101010101010101010# Exploit Title: vBulletin 3.8.4 & 3.8.5 Around Registration Vulnerability# Date: 29/08/2010# Author: Immortal Boy # Software Link: http://www.vbulletin.org# Version: 3.8.4 & 3.8.5# Google dork 1 : powered by vBulletin 3.8.4# Google dork 2 : powered by vBulletin 3.8.5# Platform / Tested on: Multiple# Category: webapplications# Code : N/A#BUG :#########################################################################1> Go to Http://[localhost]/path/register.php
2> Assume that forum admin user name is ADMIN
3> Type this at User Name ===> ADMIN>� is an ASCII Code5> And complete the other parameters
6> Then click on Complete Registrarion
7> Now you see that your user name like admin user name
After this time the private messages to the user (ADMIN) to sending see for you is sending .#Patch :#######################################################################1> Go to AdminCP
2> Click on vBulletin Options and choose vBulletin Options
3> Choose Censorship Options
4>type&# in Censored Words section5> Then click on Save
#############################################################################
Our Website : http://www.datacoders.ir
Special Thanks to : H-SK33PY , NEO , Sp|R|T , BigB4NG , 3r1ck , Dr.mute ,
hosinn , NIK , uones , mohammad_ir &all iranian datacoders members
#############################################################################
