Hey I'm Nathan (Greg)
Nathan
10-27-2010, 09:52 AM
Hey, I found the exploit, and I logged out which doesn't let me log back in.
Whoever inboxed me, please inbox me again on this account, and I will help you patch the exploit.
Post your fix, please. Thanks
Nathan
10-27-2010, 10:05 AM
You'll be surprised how simple it is. I'd like a thanks for it though.
It's not dangerous, it's just something fun.
1 > Go to AdminCP
2 > Click on vBulletin Options and choose vBulletin Options
3 > Choose Censorship Options
4 > type & # in Censored Words section
5 > Then click on Save
So you're saying the fix needs a space between the ampersand and the pound symbols?
This, without the quotes, "& #",
Or this, "***"?
Thanks
EDIT, oops, can't do that.
Nathan
10-27-2010, 10:13 AM
With no space.
The bug is using ASCII code, for example it would be USERNAME& # - Without that space.
Right on, thanks for the heads up. Although exploiting it wasn't very impressive.
Nathan
10-27-2010, 10:20 AM
As I said, it's not harmful. People exploiting like me will help the forum. I don't hack using exploits, believe me.
Thanks for pointing it out. We're all patched and upgraded now.
Nathan
10-27-2010, 10:26 AM
No problem. You should bold the admin's name or colour it, if you know how to. :)
bigH2O
10-27-2010, 02:34 PM
Nathan, this was patched about five minutes after you used the exploit, which is why you weren't able to get back in. I was on this immediately.
It *is* harmful in the fact that it exposes the emulated user's userCP as well as their private messages to the person who uses the exploit. Your use of the exploit is what resulted in your account deletion in the first place.
I'd ask you out of courtesy, please don't go around telling people that this is not harmful. A lot of private information is handled through PMs, and sensitive settings are handled through the userCP.
Exploiting this in public only spreads the fact that the exploit exists and gives other people ideas. If you honestly don't want to cause any harm, then privately communicate with staff on the sites where you determine there is a vulnerability. It may seem fun to go around emulating other members and staff of different sites, but what's fun for you causes panic for staff on the other sites. Please try to be a responsible member of the community and think before you pull a lame-brained joke.
Nathan
10-27-2010, 03:48 PM
I'm sorry, what do you pass via PM? Passwords?
bigH2O
10-27-2010, 08:36 PM
Phone numbers, physical snail mail addresses, details of the tit size of the chick that you boned last night... it could be anything. The thing is that when you post a PM you have a reasonable expectation that the message being sent from you to the recipient is in confidence. It doesn't much matter what the information is. That exploit that you used on this site gives somebody else a channel into private conversations that were never intended for anybody but the recipient(s). It also allows access to that person's userCP, so signatures can be changed, email address can be changed, settings such as subscriptions and the way they view the site can be changed. I hope you get the point.
It's not harmless, and it was a stupid security flaw on vBulletin's part. Just please don't propagate it. *You* might be harmless, but there's a lot of script kiddies out there that if they find out about how this exploit works could wreak havoc on a lot of boards. Just keep it between yourself and the admins of the sites you find vulnerable.
bigH2O
10-27-2010, 08:49 PM
Oh, and thank you for letting us know we were vulnerable, even if it was done in a promiscuous way.