Find vulnerabilities in vBulletin community software.

vBulletin is one of the most popular community and forum software packages, powering more than 100,000 sites on the Internet. Like any software, vBulletin may be vulnerable if it is not hardened and secured correctly.

As a best practice, you should frequently scan your Internet-facing community to find weaknesses so you can mitigate them before attackers notice them. There are two ways:

  • Manual – run a security scan periodically.
  • Automatic – use a cloud-based scanner that scans regularly and notifies you whenever a vulnerability is found.

As you can guess, the automatic way sounds better.

Why secure a forum?

One may argue that the forum is not the business; it is just a place for people to talk to each other, raise issues, and so on.

But think about this – your online business has a forum with more than 1 million users. You don’t pay attention to its security, and one day someone hacks the forum and leaks all the user details.

The result is embarrassment, reputational damage, loss of consumer trust, and more.

Let’s explore the tools.

VBScan

A project by OWASP.

VBScan is written in Perl and is capable of analyzing vBulletin for vulnerabilities. It includes more than 70 modules for detecting flaws.

Installation is straightforward, and you can use it on any OS.

  • Download the latest version from GitHub
  • Unzip it (if you downloaded the source as a zip file)
  • Change into the folder created by the extraction
  • Make vbscan.pl executable:
chmod 755 vbscan.pl

And you are good to go!

[email protected]:~/vbscan-0.1.8# ./vbscan.pl
  _  _  ____  ___   ___    __    _  _
 ( \/ )(  _ \/ __) / __)  /__\  ( \( )
  \  /  ) _ <\__ \( (__  /(__)\  )  (
   \/  (____/(___/ \___)(__)(__)(_)\_)
		(1337.today)
   
    --=[OWASP VBScan
    +---++---==[Version : 0.1.8
    +---++---==[Update Date : [2018/09/13]
    +---++---==[Author : Mohammad Reza Espargham
    +---++---==[Website : www.reza.es
    --=[Code name : Self Challenge
     @OWASP_VBScan , @rezesp , @OWASP


   Usage: 
 	./vbscan.pl <target>
	./vbscan.pl http://target.com/vbulletin


   Options: 
	./vbscan.pl --help

[email protected]:~/vbscan-0.1.8#

Updating VBScan is easy:

./vbscan.pl --upgrade
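The article contrasts running a scan by hand with a scheduled scan that only bothers you when something changes. The POSIX shell wrapper below is an added example (it is not part of the original article or of the VBScan project) that turns a manual ./vbscan.pl run into something cron can schedule: it runs the scanner against a forum you own, keeps a timestamped copy of the report, compares it with the previous report and returns 1 only when the output differs, so a notification step can be chained after it. The scanner path, the report directory and the target URL are assumptions you adapt to your setup; VBScan's exact output format is not relied upon, only whether it changed between runs.

```shell
#!/bin/sh
# Added example, not code from the article or the VBScan project.
# scan_and_compare TARGET [REPORT_DIR]
#   Runs the scanner named in $SCANNER (default: ./vbscan.pl, assumed to sit
#   in the current directory) against TARGET, stores the report, and compares
#   it with the previous run.
#   Return codes: 0 = report unchanged, 1 = first run or report changed,
#   2 = could not create the report directory.
scan_and_compare() {
    target="$1"
    report_dir="${2:-./vbscan-reports}"
    scanner="${SCANNER:-./vbscan.pl}"

    mkdir -p "$report_dir" || return 2

    # Timestamped copy so a history of reports is kept for later review.
    stamp=$(date -u +%Y%m%dT%H%M%SZ)
    new_report="$report_dir/report-$stamp.txt"

    # Keep the scanner output (stdout and stderr) even if it exits non-zero,
    # so a crashing scanner also shows up as a change in the report.
    $scanner "$target" > "$new_report" 2>&1

    prev="$report_dir/latest.txt"
    changed=0
    if [ -f "$prev" ]; then
        # cmp -s is silent and exits non-zero when the two files differ.
        if ! cmp -s "$prev" "$new_report"; then
            changed=1
        fi
    else
        changed=1   # first run: nothing to compare against, treat as new
    fi

    cp "$new_report" "$prev"
    return $changed
}

# Example cron entry (assumed paths and recipient) that mails the report only
# when the result changed since the previous run:
# 0 3 * * * cd /opt/vbscan && . ./scan_wrapper.sh && \
#   scan_and_compare https://forum.example/vbulletin || \
#   mail -s "VBScan report changed" security@example.com < vbscan-reports/latest.txt
```

Comparing whole reports is deliberately simple: a changed banner or version string will also trigger a notification, which is acceptable here because the goal is to make sure a new finding is never silently missed. If that proves too noisy, filter the scanner output to the lines that list findings before storing it.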

CMSScan

CMSScan is built on the VBScan mentioned above. One advantage it offers is a scheduler, which is great if you are looking for an open-source solution that runs periodically and sends the reports by email.

CMSScan is not limited to vBulletin; it also lets you test WordPress, Joomla, and Drupal.

By default, the web interface listens on port 7070; when you open it in a browser, you will see a clean page where you enter the URL to be scanned. Note in the startup log below that gunicorn binds to 0.0.0.0, so the interface is reachable on every network interface of the host; restrict it to localhost or to a firewall rule unless the machine sits on a trusted network.

[email protected]:~/CMSScan# ./run.sh 
[2019-09-27 19:09:14 +0000] [25590] [INFO] Starting gunicorn 19.9.0
[2019-09-27 19:09:14 +0000] [25590] [INFO] Listening at: http://0.0.0.0:7070 (25590)
[2019-09-27 19:09:14 +0000] [25590] [INFO] Using worker: sync
[2019-09-27 19:09:14 +0000] [25593] [INFO] Booting worker with pid: 25593
[2019-09-27 19:09:14 +0000] [25594] [INFO] Booting worker with pid: 25594
[2019-09-27 19:09:14 +0000] [25595] [INFO] Booting worker with pid: 25595

TLS Scanner

Geekflare TLS Scanner is not specific to vBulletin, but it is essential to ensure that your TLS certificate implementation is correct. You can run the test against your vBulletin site to find out the supported TLS protocols, ciphers, common web vulnerabilities, and certificate details.

More SSL/TLS scanners are listed here.

Netsparker

An enterprise-ready scanner, available as a self-hosted or cloud-based solution.

Netsparker can be integrated into the development process to provide continuous security for small or large websites.

With their proprietary proof-based scanning technology, you can scan vBulletin or entire web applications quickly and get actionable results. It covers a large number of web vulnerabilities, including the OWASP Top 10.

Conclusion

Keeping online assets secure is challenging, and periodic scanning of vBulletin or any web application is a MUST so you can mitigate vulnerabilities as soon as they are found. The above tools help you find security flaws, and if you are looking for continuous security protection, you may choose SUCURI Cloud WAF.