Cryptocat is an experimental browser-based chat client for easy to use,
encrypted conversations. It aims to make encrypted, private chat easy to
use and accessible. We want to break down the barrier that prevents the
general public from having an accessible privacy alternative that they
already know how to use. Cryptocat is currently available for Chrome,
Firefox and Safari. It uses the OTR protocol over XMPP for encrypted two-party chat and the (upcoming) mpOTR protocol for encrypted multi-party chat.
This Metasploit module exploits a SQL injection vulnerability found in
vBulletin 5 that has been used in the wild since March 2013. This
Metasploit module uses the sqli to extract the web application's
usernames and hashes. With the retrieved information tries to log into
the admin control panel in order to deploy the PHP payload. This
Metasploit module has been tested successfully on VBulletin Version
5.0.0 Beta 13 over an Ubuntu Linux distribution.