The Tech Diary of an IT support geek

Home » Researcher break into Trojan Application Backdoor.Win32.VB.oyu

Researcher break into Trojan Application Backdoor.Win32.VB.oyu

 The Vulnerability Laboratory Research Team discovered multiple vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.

vOlk-Botnet v4.0 is a remote administration tool, its main function is to manage the HOSTS file of the windows operating systems The code created by [byvOlk] PHP and Visual Basic 6.0.

Vulnerability Details:
1.1
The vulnerability laboratory research team discovered multiple sql injection vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.
The sql vulnerabilities allow remote attackers to inject/execute own sql commands/statements on the affected vOlks botnet application control panel dbms.

The vulnerabilities are located in the Messenger, Filezilla, Estadisticas files with the bound vulnerable ?pag listing parameter. The vulnerability can
be exploited by remote attackers without required user inter action. Successful exploitation of the vulnerabilities result in botnet control panel
compromise via remote sql injection attack.

Vulnerable Files(s):
Messenger.php
Filezilla.php
Estadisticas.php

Vulnerable Parameter(s):
pag

1.2
The vulnerability laboratory research team discovered multiple persistent web vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.
The input validation vulnerabilities allow remote attackers to inject own malicious persistent script code on application side of the botnet framework.
The vulnerabilities are located in the Visit Webpage (Open URL), MSN Stealer, Download File and Setting modules with the bound vulnerable domin,
Pasw, https or messenger bot s name parameters. The vulnerability can be exploited by remote attacker with low or medium required user inter action.
Successful exploitation of the vulnerabilities result in botnet control panel compromise via session hijacking, persistent web context manipulation or
combined csrf request manipulation.

Vulnerable Module(s):
MSN Stealer
Visit Webpage (Open URL)
Download File
Setting

Vulnerable Parameter(s):
Name – Bot s Name
URL – Open URL Bots
URL – Download url
Password Administrator & User Administrator

Dork CodeSearch:  vOlk-Botnet 4.0
“   or “[vOlk-Botnet]v 4.0 Login“
DorK Google:      allinurl:vOlk-Botnet 4.0    or  subtitle:[byvOlk] – WebAdmin Panel ® vOlk-Botnet 4.0    and  allinurl:WebAdmin/archivos/imagen/logo.jpg Continue Reading Researcher break into Trojan Application Backdoor.Win32.VB.oyu

Posted by Obasi Miracle on this date: Leave a Comment
Shortlink:

Sign Up in Seconds

Join us to get latest posts (ONLY) delivered to your inbox. No Spam, We Promise!

About Obasi Miracle

I am a dedicated web developer with interest in blogging and app development. I have lots of buddies and always ready to connect with like-minded pals - See more about me.

Leave a Reply

Your email address will not be published. Required fields are marked *