Why this tool?
- There are still many vBulletin forums on the internet and the original project, OWASP_VBScan is unmaintained
- Some minor problems of output message
- Original project is written in perl
=> I ported the project to python3, create new data base in json format
What does it have?
- Enumerate paths, just like original version
- Compare version with vuln db, but with custom code and custom db. Bugs and mistakes are expected
- Exploit checks (added some new exploits)
What is missing?
- password logger detecting
- Tapatalk vulnerability
- html tags status
- Parse version from index’s footer
- Support sub-version comparison (patch, beta, rc, …)
URL: https://nest.parrotsec.org/packages/tools/vbyscan/
Any exploits / modules / suggestions are welcome