XSS and vBulletin
Does anyone have any experience as an administrator on a vBulletin board?
I have a site that I can inject javascript into, and I plan on implementing a cookie stealer, and ideally I would like to make myself admin on the board. The only problem is vBulletin isn't free, so I even if I got hold of an administrator's session id, I wouldn't know what to do.
I checked out the vBulletin website, and they have a demo version of the board where you can access the admin control panel, but it doesn't have an associated user database, so I can't see how I would go about modifying a user's access level.
Any advice would be helpful.
Edit: After further inspection, it looks like you have to seperately login to the admin control panel. I doubt the session ID I could steal would be any use there.
i2l84u00x00 wrote: google for a NULLED VB forum they arnt legal but neither is hacking so ;)
I do alot of php coding, and a lot of people want me to build mods for vbul… I searched for a nulled forum, and use it offline… It's not illegal till you put it online in my opinion… But yea, its not illegal till you get caught… :ninja: