[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

QBOT Botnet C2 Panel - Authentication Bypass Vulnerability

[ 0Day-ID-35927 ]
Full title
QBOT Botnet C2 Panel - Authentication Bypass Vulnerability [ Highlight ]
Highlight - is paid service, that can help to get more visitors to your material.

Price: 10
Date add
Category
Platform
Verified
Price
 
0.007 BTC

 
700 USD
Risk
[
Security Risk High
]
Rel. releases
Description
A vulnerability exists in the Qbot botnet C2, in the code that performs the login. A remote attacker can exploit it to bypass the authentication, having the ability to control the botnet and perform action as an authenticated user, like taking control of the botnet.

This Botnet has a lot of variants, which makes it more difficult to categorize it in versions.

Hopefully, all the versions found out there are found to be vulnerable, just minor changes are required for the exploit to work. Most versions out there are vulnerable.
Usage info
Usage: python exploit.py <ip> <port>

After the exploit performs the authentication bypass, a Telnet interactive communication will be opened to interact with the server administration command line.
Vendor
https://github.com/geniosa/qbot
Affected ver
All the Qbot botnet variants found has been detected to be vulnerable. Minor changes in the exploit are required for it to work.
Tested on
Material is tested on: https://github.com/geniosa/qbot

aswell as other botnet variants (just changing offset).
Tags
Prooves Information
Video proof
Other Information
Abuses
0
Comments
0
Views
15 182
We DO NOT use Telegram or any messengers / social networks! We DO NOT use Telegram or any messengers / social networks! Please, beware of scammers!
Please login or register to buy exploit.
OR
Buy incognito
0
0
Verified by 0day Admin
Verified by 0day Admin
This material is checked by Administration and absolutely workable.
Learn more about    GOLD:
0day.today Gold is the currency of 0day.today project and is denoted on this site as such image: . It used for paying for the services, buying exploits, earning money, etc
We accept:
BitCoin (BTC)
You can pay us via BTC
LiteCoin (LTC)
You can pay us via LTC
Ethereum (ETH)
You can pay us via ETH

Author
BL
29
Exploits
1
Readers
0
[ Comments: 0 ]
Terms of use of comments:
  • Users are forbidden to exchange personal contact details
  • Haggle on other sites\projects is forbidden
  • Reselling is forbidden
Punishment: permanent block of user account with all Gold.

Login or register to leave comments