The Tech Diary of an IT support geek

  • Home
  • Android
  • iOS
  • Mobile
  • PC
  • Tips
  • Contact US
Home » Researcher break into Trojan Application Backdoor.Win32.VB.oyu

Researcher break into Trojan Application Backdoor.Win32.VB.oyu

 The Vulnerability Laboratory Research Team discovered multiple vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.

vOlk-Botnet v4.0 is a remote administration tool, its main function is to manage the HOSTS file of the windows operating systems The code created by [byvOlk] PHP and Visual Basic 6.0.

Vulnerability Details:
1.1
The vulnerability laboratory research team discovered multiple sql injection vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.
The sql vulnerabilities allow remote attackers to inject/execute own sql commands/statements on the affected vOlks botnet application control panel dbms.

The vulnerabilities are located in the Messenger, Filezilla, Estadisticas files with the bound vulnerable ?pag listing parameter. The vulnerability can
be exploited by remote attackers without required user inter action. Successful exploitation of the vulnerabilities result in botnet control panel
compromise via remote sql injection attack.

Vulnerable Files(s):
Messenger.php
Filezilla.php
Estadisticas.php

Vulnerable Parameter(s):
pag

1.2
The vulnerability laboratory research team discovered multiple persistent web vulnerabilities in the vOlk-Botnet framework application v4.0 private edition.
The input validation vulnerabilities allow remote attackers to inject own malicious persistent script code on application side of the botnet framework.
The vulnerabilities are located in the Visit Webpage (Open URL), MSN Stealer, Download File and Setting modules with the bound vulnerable domin,
Pasw, https or messenger bot s name parameters. The vulnerability can be exploited by remote attacker with low or medium required user inter action.
Successful exploitation of the vulnerabilities result in botnet control panel compromise via session hijacking, persistent web context manipulation or
combined csrf request manipulation.

Vulnerable Module(s):
MSN Stealer
Visit Webpage (Open URL)
Download File
Setting

Vulnerable Parameter(s):
Name – Bot s Name
URL – Open URL Bots
URL – Download url
Password Administrator & User Administrator

Dork CodeSearch:  vOlk-Botnet 4.0
“   or “[vOlk-Botnet]v 4.0 Login“
DorK Google:      allinurl:vOlk-Botnet 4.0    or  subtitle:[byvOlk] – WebAdmin Panel ® vOlk-Botnet 4.0    and  allinurl:WebAdmin/archivos/imagen/logo.jpg Continue Reading Researcher break into Trojan Application Backdoor.Win32.VB.oyu

  • Facebook
  • Twitter
  • LinkedIn
  • WhatsApp
  • Reddit

Related

Posted by Obasi Miracle on this date: Leave a Comment
Shortlink:

Sign Up in Seconds

Join us to get latest posts (ONLY) delivered to your inbox. No Spam, We Promise!

About Obasi Miracle

I am a dedicated web developer with interest in blogging and app development. I have lots of buddies and always ready to connect with like-minded pals - See more about me.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Next PostSecurity flaw in Facebook exposes user phone numbers
Previous PostHow to create Custom URL in blogger

RSS Inside: 3rd Planet Techies

  • 15 Best Android Auto Apps For Your Car In 2023
  • 12 Best Truck Simulator Games For Android And iOS
  • Full List Of Cars With An S Logo
  • Usability vs. User Acceptance: What are the Differences Between UI and UA Testing?

Sign Up in Seconds

Join us to get latest posts (ONLY) delivered to your inbox. No Spam, We Promise!


Recent Posts

  • Full List Of Cars With An S Logo [3ptechies]
  • Factors to Consider When Searching for the Best Mobile Phone Plans
  • Do Battery Savers Work? Can They Really Extend Battery Life?
  • Why Does Phone Keep Turning Off Itself and 9 Ways to Fix It

Looking For?

mtn cheat for android, how to transfer data on etisalat, how to share data on airtel, How to share data on etisalat, mtn free browsing cheat for android phones, how to transfer mb on etisalat, mtn mb cheat for android, mtn free browsing on android, how to transfer data on airtel, latest mtn cheat for android, mtn free browsing cheat codes with unlimited data downloads, how to share airtel data, mtn cheat code for android, best airtel tariff plan for browsing, 2go for windows phone, sharemobile ro, how to transfer etisalat data, mtn cheats for android, etisalat data transfer, airtel data share
© 2022. The Tech Diary of an IT support geek. Privacy Policy