|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 104
Members: 0
Total: 104
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
phpbb denial of service |
|
Posted: Fri Jun 24, 2005 6:59 pm |
|
|
oxygenne |
Advanced user |
|
|
Joined: Apr 13, 2005 |
Posts: 52 |
|
|
|
|
|
|
|
Any fix for the latest dos exploit in phpbb 2.0.15 |
|
|
|
|
Posted: Fri Jun 24, 2005 8:46 pm |
|
|
g30rg3_x |
Active user |
|
|
Joined: Jan 23, 2005 |
Posts: 31 |
Location: OutSide Of The PE |
|
|
|
|
|
|
sorry but de NsT members dont really now why our advisory with the fixes are not in public, but the tools are now in milw0rm.com for full public (script kiddies acces):
the Advisory:
-------------------------------------------------
Edit For Post Best View
Link:
http://www.chxsecurity.org/Advisory-15.txt
--------------------------------------------------
sorry for the missunderstading
excuses all NsT Team for the problems with our PoC's
PD: The NsT web is off because a moving of hosting provider but you can view in our temporarily mirror http://www.chxsecurity.org/Advisory-15.txt |
|
Last edited by g30rg3_x on Wed Jun 29, 2005 2:17 am; edited 2 times in total |
|
|
|
|
|
|
|
Posted: Sun Jun 26, 2005 9:33 am |
|
|
oxygenne |
Advanced user |
|
|
Joined: Apr 13, 2005 |
Posts: 52 |
|
|
|
|
|
|
|
Hmm a friend of mine forum(phpbb) is attacked recently with some kind of DOS with about 120 simultaneus connection from same ip.The attacker uses some kind of crawling method.Provider is not able to limit the connections from same ip,any suggestions .Thanks |
|
|
|
|
|
|
|
|
Posted: Mon Jun 27, 2005 11:30 am |
|
|
howitzer |
Regular user |
|
|
Joined: Jun 25, 2005 |
Posts: 23 |
|
|
|
|
|
|
|
Ok i`ve tryed with dos on phpbb forum with the new exploit but seems like i have a problem ...
i`ve compiled the .c file and then i started the process
i`ve got it from
Code: | http://www.milw0rm.com/id.php?id=1064 |
OK so the next step was
Code: |
bash-2.05$ ./NsT-phpBBDoS /tforum/ profile.php *****.com
[+] NsT-phpBBDoS v0.1 by HaCkZaTaN [+] NeoSecurityTeam
[+] Dos has begun....[+] ......................................................................................................
|
And then ive noticed on the vicitims forum that the expliot has created only 4 user with NsT name .....i ve tryed like 7 times with dos but no luck to create more users.
So , does somebody knows how to make it work ? and whats the problem.
10x forward |
|
|
|
|
|
|
|
|
Posted: Mon Jun 27, 2005 4:35 pm |
|
|
g30rg3_x |
Active user |
|
|
Joined: Jan 23, 2005 |
Posts: 31 |
Location: OutSide Of The PE |
|
|
|
|
|
|
ummmm...
as you know de script kiddies, doesn't wait and then improve our poc's and make a app that can uses more than one conecction for sending truth a socket the HTTP Commands, the obviosly in this case is patch de forum our disable the functions....
we also know that the problem is not completly fixed, because the DoS have make for every part in the phpBB 2.0.15 and prior that makes a connection to the BD and too many connections to them can cause a excess of sql querys and the server is down, i dont really know how to make a really solutions for all the problems and every day a script kiddie improve more the codes for a succefull attack...
the c code, has coded by hackzatan, i gonnan talk to him yo answer your question buddy...., but my perl code is working... xDDDDDDDD
so try it....
grettings from mexico, and sorry for all the problems.... |
|
|
|
|
|
Mod security |
|
Posted: Mon Jun 27, 2005 4:55 pm |
|
|
oxygenne |
Advanced user |
|
|
Joined: Apr 13, 2005 |
Posts: 52 |
|
|
|
|
|
|
|
Next step is that we will install "mod security" i heard it has some kind of dos protection so we will see it,anyway thanks for reply |
|
|
|
|
|
|
|
|
Posted: Mon Jun 27, 2005 5:15 pm |
|
|
Mercury_X |
Beginner |
|
|
Joined: Jun 27, 2005 |
Posts: 1 |
|
|
|
|
|
|
|
g30rg3_x wrote: | ummmm...
as you know de script kiddies, doesn't wait and then improve our poc's and make a app that can uses more than one conecction for sending truth a socket the HTTP Commands, the obviosly in this case is patch de forum our disable the functions....
we also know that the problem is not completly fixed, because the DoS have make for every part in the phpBB 2.0.15 and prior that makes a connection to the BD and too many connections to them can cause a excess of sql querys and the server is down, i dont really know how to make a really solutions for all the problems and every day a script kiddie improve more the codes for a succefull attack...
the c code, has coded by hackzatan, i gonnan talk to him yo answer your question buddy...., but my perl code is working... xDDDDDDDD
so try it....
grettings from mexico, and sorry for all the problems.... |
Yo, sup
Thanx for the sploit, and I agree the C source has some problems....
But I got a problem with the perl code too. None of the flood methods work, cuz it looks like its flooding, but when I check the website where the forum is located, no users are created . ALthough I am trying to DoS phpBB 2.0.4....
Any clue, why its not working?
------------------------------
http://xtools.org XtoolZ team
http://rst.void.ru RST Team |
|
|
|
|
|
|
|
|
Posted: Mon Jun 27, 2005 5:38 pm |
|
|
g30rg3_x |
Active user |
|
|
Joined: Jan 23, 2005 |
Posts: 31 |
Location: OutSide Of The PE |
|
|
|
|
|
|
did you see if the forum its patched or has a visual confirmation code???
and other thing that you can overview in what kinda of language is the forum
is in others language you have to change the value of submit that i see, in some forums like spanish forums submit have the value Enviar and not submit
Code: |
line 64, find:
$postit = "$uname"."$umail"."%40neosecurityteam.net&new_password=0123456&password_confirm=0123456&icq=&aim=N%2FA&msn=&yim=&website=&location=&occupation=&interests=&signature=&viewemail=0&hideonline=0¬ifyreply=0¬ifypm=1&popup_pm=1&attachsig=1&allowbbcode=1&allowhtml=0&allowsmilies=1&language=english&style=2&timezone=0&dateformat=D+M+d%2C+Y+g%3Ai+a&mode=register&agreed=true&coppa=0&submit=Submit";
replace with:
(for spanish forums, other forums just change it)
$postit = "$uname"."$umail"."%40neosecurityteam.net&new_password=0123456&password_confirm=0123456&icq=&aim=N%2FA&msn=&yim=&website=&location=&occupation=&interests=&signature=&viewemail=0&hideonline=0¬ifyreply=0¬ifypm=1&popup_pm=1&attachsig=1&allowbbcode=1&allowhtml=0&allowsmilies=1&language=english&style=2&timezone=0&dateformat=D+M+d%2C+Y+g%3Ai+a&mode=register&agreed=true&coppa=0&submit=Enviar";
|
if this didn't work you can make contact and resolve tha problem
at mi msn or mail at g30rg3x@chxsecurity.org
grettings from mexico |
|
|
|
|
|
|
|
|
Posted: Mon Jun 27, 2005 7:41 pm |
|
|
howitzer |
Regular user |
|
|
Joined: Jun 25, 2005 |
Posts: 23 |
|
|
|
|
|
|
|
Thanx g30rg3_x the vicitim forum has also other language , but besides that i have created 4 users i thnik , i will try renameing the Submit.
Today i`ve tryed again and i think that worked ... but the forum also suddendly goes down ... and its still down
10x again g30rg3_x i appricate ur advice ... iam gonna try with perl code ... but i forgot how to compile it .. to compile the Perl i m gonna need C compiler same as .c right? |
|
|
|
|
Posted: Mon Jun 27, 2005 9:19 pm |
|
|
g30rg3_x |
Active user |
|
|
Joined: Jan 23, 2005 |
Posts: 31 |
Location: OutSide Of The PE |
|
|
|
|
|
|
Perl (Practical Extraction and Report Language)
perl its an a scripting language, that means that doesn't need a compiler for gnu/linux...
but it isn't true because you can use under windows with activeperl....
so with a google search you can download and install or for linux, debian like just type apt-get install perl
grettings |
|
|
|
|
Posted: Mon Jun 27, 2005 10:17 pm |
|
|
howitzer |
Regular user |
|
|
Joined: Jun 25, 2005 |
Posts: 23 |
|
|
|
|
|
|
|
Thanx g30rg3_x again for your help
regards. |
|
|
|
|
|
Hex |
|
Posted: Tue Jun 28, 2005 8:19 pm |
|
|
oxygenne |
Advanced user |
|
|
Joined: Apr 13, 2005 |
Posts: 52 |
|
|
|
|
|
|
|
Even the security mod could not prevent this kind of dos
Here is the error:
CGI-limits reached, please try again later!
Is it the phpbb or something else
ps Phpbb is 2.0.16 [/b] |
|
|
|
|
|
Hex |
|
Posted: Tue Jun 28, 2005 8:19 pm |
|
|
oxygenne |
Advanced user |
|
|
Joined: Apr 13, 2005 |
Posts: 52 |
|
|
|
|
|
|
|
Even the security mod could not prevent this kind of dos
Here is the error:
CGI-limits reached, please try again later!
Is it the phpbb or something else
ps Phpbb is 2.0.16 |
|
|
|
|
Posted: Tue Jun 28, 2005 8:41 pm |
|
|
howitzer |
Regular user |
|
|
Joined: Jun 25, 2005 |
Posts: 23 |
|
|
|
|
|
|
|
True true
CGI-limits reached, please try again later!
dos is causing this error ... with the perl code for 2.0 15. |
|
|
|
|
Posted: Wed Jun 29, 2005 12:01 am |
|
|
g30rg3_x |
Active user |
|
|
Joined: Jan 23, 2005 |
Posts: 31 |
Location: OutSide Of The PE |
|
|
|
|
|
|
the dos attack can be made for all forums and
versions who not has a visual confirmation for
register...
for evade this attack just activate the build-in
confirmation image....
i think this info would help to activate the option:
http://www.phpbbhacks.com/forums/viewtopic.php?t=40820
grettings from mexico |
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 2
Goto page 1, 2Next
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|