A COMPREHENSIVE STEP BY STEP GUIDE TO DUMPING VBULLETIN FORUMS WITH THE FORUMRUNNER EXPLOIT FOR NOOBS BY DON JUJI OF XDSEC
INTRODUCTION:
The forumrunner exploit is actually technically an sql injection exploit. However you will not be able to use sqlmap or sqli dumper or SIB panel to for this. This vulnerability is public and was disclosed in 2016, however thousands of forums remain vulnerable. It is also a good entry point for shelling via admin panel and pivoting which i will not cover in this tutorial.
It is not going to yield AMAZING results as far as quality, however the results, I promise you, will be exponentially higher quality than sqli dumper or SIB panel dumps.
I will follow this with a more advanced tutorial on the subject later on. Next I plan to cover the shelling and dumping with the vB 5.X RCE vuln.
I will never charge for my tutorials. I simply want to educate the community. Feel free to contact me on the telegram provided at the end of the tutorial but understand I am a very busy guy with 50-100 people trying to contact me per day, I cant always reply quickly and sometimes people get lost. I will do my best however to help you if you are genuinely interested in hacking and need some help.