Author Topic: Researcher break into Trojan Application Backdoor.Win32.VB.oyu  (Read 242 times)

0 Members and 1 Guest are viewing this topic.

Offline ebenzunlimited

  • Lead Admin
  • *****
The Vulnerability Laboratory Research Team discovered multiple vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.

vOlk-Botnet v4.0 is a remote administration tool, its main function is to manage the HOSTS file of the windows operating systems The code created by [byvOlk] PHP and Visual Basic 6.0.

Vulnerability Details:
1.1
The vulnerability laboratory research team discovered multiple sql injection vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.
The sql vulnerabilities allow remote attackers to inject/execute own sql commands/statements on the affected vOlks botnet application control panel dbms.

The vulnerabilities are located in the Messenger, Filezilla, Estadisticas files with the bound vulnerable ?pag listing parameter. The vulnerability can
be exploited by remote attackers without required user inter action. Successful exploitation of the vulnerabilities result in botnet control panel
compromise via remote sql injection attack.

Vulnerable Files(s):
  • Messenger.php
  • Filezilla.php
  • Estadisticas.php


Vulnerable Parameter(s):
  • pag



1.2
The vulnerability laboratory research team discovered multiple persistent web vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.
The input validation vulnerabilities allow remote attackers to inject own malicious persistent script code on application side of the botnet framework.
The vulnerabilities are located in the Visit Webpage (Open URL), MSN Stealer, Download File and Setting modules with the bound vulnerable domin,
Pasw, https or messenger bot s name parameters. The vulnerability can be exploited by remote attacker with low or medium required user inter action.
Successful exploitation of the vulnerabilities result in botnet control panel compromise via session hijacking, persistent web context manipulation or
combined csrf request manipulation.

Vulnerable Module(s):
  • MSN Stealer
  • Visit Webpage (Open URL)
  • Download File
  • Setting


Vulnerable Parameter(s):
  • Name - Bot s Name
  • URL - Open URL Bots
  • URL - Download url
  • Password Administrator & User Administrator



Dork CodeSearch:  <p><font color=``#FFFFFF`` face=``Tahoma`` size=``1``>vOlk-Botnet 4.0</font></p>``   or ``<title>[vOlk-Botnet]v 4.0 Login</title>``
DorK Google:      allinurl:vOlk-Botnet 4.0    or  subtitle:[byvOlk] - WebAdmin Panel vOlk-Botnet 4.0    and  allinurl:WebAdmin/archivos/imagen/logo.jpg
Insane I Lived♥ Sane I Died♥<img src='http://i253.photobucket.com/albums/hh74/reallytired2/family%20pictures/buckeye%20stuff/clap.gif' />

 

* Post Updates

Re: Outlook PST Merge by ruth less
[November 11, 2020, 07:22:38 AM]


Re: How to Convert OLM to PST by priyankaarya
[November 10, 2020, 01:03:10 PM]


Re: DBX to PST Conversion tool by adisiion de
[November 05, 2020, 01:18:47 PM]

Inside: 3P Techies Blog

* Newest Techies

Get Updates


Sign up to get latest updates delivered to your inbox. No Spam, We Promise!

Get Hosting!

a Faster web hosting service

Copyright 3rd Planet Techies. All rights Reserved.

Top || Mobile ||Advertise || Contact Us || Privacy