VBScan - vBulletin Vulnerability Scanner

Started by r3z4, June 15, 2015, 12:03:06 AM

r3z4

Hi guys,
this is my new project. I am trying to develop this around vBulletin vulnerability scanning.

description :
VBScan is a Black Box vBulletin Vulnerability Scanner
Written in Perl

vbscan project at sourceforge and github:

SourceForge :   https://sourceforge.net/projects/vbscan/
Github         :   https://github.com/rezasp/vbscan/


Demo on youtube :
https://www.youtube.com/watch?v=wjhrobz3W_4
https://www.youtube.com/watch?v=iiDh69lGZ78

please report any bug to : me@reza.es
thank you, best regards

ZEROF

Hi,

Thank you for sharing with our community; we will check the tool on our side.

Cheers!

Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*

ostendali

that is very useful I suppose.

vBulletin scan is a cool idea.

+1 ;)

r3z4

hello guys
thanks for these reports.
VBScan Version 0.1.2 Released <3

What's New in Version 0.1.2

r3z4

hello guys
thanks for these reports.
VBScan Version 0.1.3 Released <3

What's New in Version 0.1.3
 - Change Default UserAgent
 - Fixed admincp/modcp finder bug
 - Fixed Reported Bugs

SourceForge : https://sourceforge.net/projects/vbscan/
Github : https://github.com/rezasp/vbscan/

r3z4

hi
did you check this tool?

ZEROF

Hi,

Sorry for the late update. The tool looks OK to me, and I will see with the other devs how things go for the future release.

Anyway, thank you for sharing with community.

GJ


r3z4

hello guys
thanks for these reports.
VBScan Version 0.1.4 Released <3

VBScan is an open-source project in the Perl programming language to detect vBulletin CMS vulnerabilities and analyse them.



Why VBScan ?

If you want to do a penetration test on a vBulletin forum, VBScan is your best shot ever! This project is faster than ever and updated with the latest vBulletin vulnerabilities.



What's New in Version 0.1.4  [Dennis Ritchie]

VBScan 0.1.4
* Changed vulnerability scanner engine
* Changed default specified timeout to 180 seconds
* Added VBulletin 5.x RCE Exploit
* Added txt report output
* Fixed YUI 2.9.0 XSS false positive
* Fixed reported bugs

Codename :  [Dennis Ritchie]
SourceForge : https://sourceforge.net/projects/vbscan/
Github : https://github.com/rezasp/vbscan/

ostendali

hello there,
sorry for the delay but we didn't have a chance to look into this tool....

we have checked and tried it recently; it seems to be working well, so we have decided to include it in our BackBox repository.

We will be working on packaging unless the author himself would like to build the package on launchpad and let us know about it.

ZEROF

I tested the tool as well, and I was trying to build a package, got some issues and contacted the tool dev (sent him a PM). I'm not that good at packaging, I know, but I hope that we will find a solution.

Edit: The beta package was good, the dev fixed a small coding issue and now we can move to the real test state. Thanks r3z4 for your help.


r3z4

Thank you for your response.

VBScan Version 0.1.5 Released <3

VBScan is an open-source project in the Perl programming language to detect vBulletin CMS vulnerabilities and analyse them.



Why VBScan ?

If you want to do a penetration test on a vBulletin forum, VBScan is your best shot ever! This project is faster than ever and updated with the latest vBulletin vulnerabilities.



What's New in Version 0.1.5  [Dennis Ritchie]


VBScan 0.1.5 [Dennis Ritchie]
============
* Fixed html tags module bug
* Fixed issues #8 #9
* Fixed reported bugs

r3z4

OWASP VBScan Version 0.1.6 Released

Why OWASP VBScan ?

If you want to do a penetration test on a vBulletin forum, OWASP VBScan is your best shot ever! This project is faster than ever and updated with the latest vBulletin vulnerabilities.

Project Leader : Mohammad Reza Espargham
Github : https://github.com/rezasp/vbscan/
SourceForge : https://sourceforge.net/projects/vbscan/
OWASP Page : https://www.owasp.org/index.php/OWASP_VBScan_Project




What's New in Version 0.1.6  [Dennis Ritchie]


VBScan 0.1.6 [Dennis Ritchie]
============
* Project name has been changed to "OWASP VBScan"
* Added automatic vBulletin detection
* Added robots.txt analyzer module
* Added vbulletin LICENSE checker module
* Optimized backup finder module
* Optimized exploit check module
* Fixed YUI 2.9.0 XSS false positive
* Vbulletin version checker module bug fixed
* "-h" switch no longer exists

Shazgul

Please Backbox Team, add this awesome tool <3

r3z4




OWASP VBScan Version 0.1.7 Released

Why OWASP VBScan ?

If you want to do a penetration test on a vBulletin forum, OWASP VBScan is your best shot ever! This project is faster than ever and updated with the latest vBulletin vulnerabilities.

Project Leader : Mohammad Reza Espargham
Github : https://github.com/rezasp/vbscan/
SourceForge : https://sourceforge.net/projects/vbscan/
OWASP Page : https://www.owasp.org/index.php/OWASP_VBScan_Project




What's New in Version 0.1.7


OWASP VBScan 0.1.7 [Larry Wall]
============
* Updated exploit database
* Compatible With Windows [Linux,OSX,Windows]
* Added Full Path Disclosure (FPD) module
* Added firewall detect/bypass module
* Optimized version checker module engine [#12 issue]
* Upgrade config finder module
* Random user agent module set as default setting
* Added HTML Report


OWASP VBScan Teaser
https://www.youtube.com/watch?v=NGEtJoGL2yA

OWASP VBScan 0.1.7 introduction
https://www.youtube.com/watch?v=SirozqDYERA

ostendali

I am glad to inform you that we have this tool added to our to-do list, to be integrated and released with BackBox 5!