What's new

Researcher break into Trojan Application Backdoor.Win32.VB.oyu

ebenzunlimited

Moderator
The Vulnerability Laboratory Research Team discovered multiple vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.

vOlk-Botnet v4.0 is a remote administration tool, its main function is to manage the HOSTS file of the windows operating systems The code created by [byvOlk] PHP and Visual Basic 6.0.

Vulnerability Details:
1.1
The vulnerability laboratory research team discovered multiple sql injection vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.
The sql vulnerabilities allow remote attackers to inject/execute own sql commands/statements on the affected vOlks botnet application control panel dbms.

The vulnerabilities are located in the Messenger, Filezilla, Estadisticas files with the bound vulnerable ?pag listing parameter. The vulnerability can
be exploited by remote attackers without required user inter action. Successful exploitation of the vulnerabilities result in botnet control panel
compromise via remote sql injection attack.

Vulnerable Files(s):
[+] Messenger.php
[+] Filezilla.php
[+] Estadisticas.php

Vulnerable Parameter(s):
[+] pag


1.2
The vulnerability laboratory research team discovered multiple persistent web vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.
The input validation vulnerabilities allow remote attackers to inject own malicious persistent script code on application side of the botnet framework.
The vulnerabilities are located in the Visit Webpage (Open URL), MSN Stealer, Download File and Setting modules with the bound vulnerable domin,
Pasw, https or messenger bot s name parameters. The vulnerability can be exploited by remote attacker with low or medium required user inter action.
Successful exploitation of the vulnerabilities result in botnet control panel compromise via session hijacking, persistent web context manipulation or
combined csrf request manipulation.

Vulnerable Module(s):
[+] MSN Stealer
[+] Visit Webpage (Open URL)
[+] Download File
[+] Setting

Vulnerable Parameter(s):
[+] Name - Bot s Name
[+] URL - Open URL Bots
[+] URL - Download url
[+] Password Administrator & User Administrator


Dork CodeSearch:  <p><font color=``#FFFFFF`` face=``Tahoma`` size=``1``>vOlk-Botnet 4.0</font></p>``  or ``<title>[vOlk-Botnet]v 4.0 Login</title>``
DorK Google:      allinurl:vOlk-Botnet 4.0    or  subtitle:[byvOlk] - WebAdmin Panel ? vOlk-Botnet 4.0    and  allinurl:WebAdmin/archivos/imagen/logo.jpg
 
Top