How To Use Owasp Vbscan? – POFTUT

How To Use Owasp Vbscan?

VBscan is a security tool used to scan and find vulnerabilities in vBulletin forums. As we know these type of software have a lot of vulnerabilities to exploit and attackers use these very good. Credits goes to Mohammed Reza Espargham


Installing Vbscan is just getting perl code from github.

Start Scan with Vbscan

Starting is easy as just one command and there is no much alternative options. For security reasons we will use domain name as but the actual site is real.

It will try some exploits and output the findings to the terminal and as html.


Details about the Vbscan

Firewall Status

This part will provide information about VBulletin based Firewall existince

LEARN MORE  UEFI or Unified Extensible Firmware Interface

vBulletin Version

The vBulletin version is 3.8.9

echo '


This part will provide information about CVE based vulnerabilities


License information

Apache Info

The web server running VBulletin web applications

Admin Control Panel

Admin and remote access pages information is provided.


Checks if validator.php exists


Checking robots.txt file which is used by site crawling bots. This can provide interesting and valuable information.

c99 Xml Shell

This is an old vulnerability

LEARN MORE  HMAC (Hach-based Message Authentication Code) Tutorial

Backup Files

Can we access the backup files. This can occur  in misconfiguration situations.

Log Files

Can we access the logs files

Config Files

We have found config files where database username and password exists

RCE Backdoor

Are the any remote code execution backdoor?


This check is done whether to learn there is Local File Inclusion vulnerability

Sql Injection

We will check the arcade.php if there is an sql injection vulnerability.

LEARN MORE  How To Save and Restore Iptables Rules Permanently In Ubuntu, CentOS, Fedora, Debian, Kali, Mint?


How To Use Owasp Vbscan? Infografic

How To Use Owasp Vbscan? Infografic

How To Use Owasp Vbscan? Infografic


2 Responses

  1. terwixonse says:

    Help. I am looking for guide

  2. terwixonse says:

    I am from Slovenia. I can help with build this forum. Thanks for approved.

    Jaz sem Slovenka. Lahko pomagam pri razvoju foruma.

Leave a Reply

Your email address will not be published. Required fields are marked *