Waraxe IT Security Portal
Login or Register
November 15, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 90
Members: 0
Total: 90
Full disclosure
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
4 vulnerabilities in ibmsecurity
32 vulnerabilities in IBM Security Verify Access
xlibre Xnest security advisory & bugfix releases
APPLE-SA-10-29-2024-1 Safari 18.1
SEC Consult SA-20241030-0 :: Query Filter Injection in Ping Identity PingIDM (formerly known as ForgeRock Identity Management) (CVE-2024-23600)
SEC Consult SA-20241023-0 :: Authenticated Remote Code Execution in Multiple Xerox printers (CVE-2024-6333)
APPLE-SA-10-28-2024-8 visionOS 2.1
APPLE-SA-10-28-2024-7 tvOS 18.1
APPLE-SA-10-28-2024-6 watchOS 11.1
APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1
APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpBB -> phpbb denial of service Goto page 1, 2Next
Post new topicReply to topic View previous topic :: View next topic
phpbb denial of service
PostPosted: Fri Jun 24, 2005 6:59 pm Reply with quote
oxygenne
Advanced user
Advanced user
Joined: Apr 13, 2005
Posts: 52




Any fix for the latest dos exploit in phpbb 2.0.15 Confused
View user's profile Send private message
PostPosted: Fri Jun 24, 2005 8:46 pm Reply with quote
g30rg3_x
Active user
Active user
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




sorry but de NsT members dont really now why our advisory with the fixes are not in public, but the tools are now in milw0rm.com for full public (script kiddies acces):

the Advisory:
-------------------------------------------------
Edit For Post Best View
Link:
http://www.chxsecurity.org/Advisory-15.txt
--------------------------------------------------

sorry for the missunderstading

excuses all NsT Team for the problems with our PoC's

PD: The NsT web is off because a moving of hosting provider but you can view in our temporarily mirror http://www.chxsecurity.org/Advisory-15.txt


Last edited by g30rg3_x on Wed Jun 29, 2005 2:17 am; edited 2 times in total
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
PostPosted: Sun Jun 26, 2005 9:33 am Reply with quote
oxygenne
Advanced user
Advanced user
Joined: Apr 13, 2005
Posts: 52




Hmm a friend of mine forum(phpbb) is attacked recently with some kind of DOS with about 120 simultaneus connection from same ip.The attacker uses some kind of crawling method.Provider is not able to limit the connections from same ip,any suggestions .Thanks
View user's profile Send private message
PostPosted: Mon Jun 27, 2005 11:30 am Reply with quote
howitzer
Regular user
Regular user
Joined: Jun 25, 2005
Posts: 23




Ok i`ve tryed with dos on phpbb forum with the new exploit but seems like i have a problem ...
i`ve compiled the .c file and then i started the process

i`ve got it from

Code:
http://www.milw0rm.com/id.php?id=1064


OK so the next step was

Code:

bash-2.05$ ./NsT-phpBBDoS /tforum/ profile.php *****.com
[+] NsT-phpBBDoS v0.1 by HaCkZaTaN [+] NeoSecurityTeam
[+] Dos has begun....[+] ......................................................................................................


And then ive noticed on the vicitims forum that the expliot has created only 4 user with NsT name .....i ve tryed like 7 times with dos but no luck to create more users.

So , does somebody knows how to make it work ? and whats the problem.

10x forward
View user's profile Send private message
PostPosted: Mon Jun 27, 2005 4:35 pm Reply with quote
g30rg3_x
Active user
Active user
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




ummmm...

as you know de script kiddies, doesn't wait and then improve our poc's and make a app that can uses more than one conecction for sending truth a socket the HTTP Commands, the obviosly in this case is patch de forum our disable the functions....

we also know that the problem is not completly fixed, because the DoS have make for every part in the phpBB 2.0.15 and prior that makes a connection to the BD and too many connections to them can cause a excess of sql querys and the server is down, i dont really know how to make a really solutions for all the problems and every day a script kiddie improve more the codes for a succefull attack...

the c code, has coded by hackzatan, i gonnan talk to him yo answer your question buddy...., but my perl code is working... xDDDDDDDD
so try it....

grettings from mexico, and sorry for all the problems....
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
Mod security
PostPosted: Mon Jun 27, 2005 4:55 pm Reply with quote
oxygenne
Advanced user
Advanced user
Joined: Apr 13, 2005
Posts: 52




Next step is that we will install "mod security" i heard it has some kind of dos protection so we will see it,anyway thanks for reply
View user's profile Send private message
PostPosted: Mon Jun 27, 2005 5:15 pm Reply with quote
Mercury_X
Beginner
Beginner
Joined: Jun 27, 2005
Posts: 1




g30rg3_x wrote:
ummmm...

as you know de script kiddies, doesn't wait and then improve our poc's and make a app that can uses more than one conecction for sending truth a socket the HTTP Commands, the obviosly in this case is patch de forum our disable the functions....

we also know that the problem is not completly fixed, because the DoS have make for every part in the phpBB 2.0.15 and prior that makes a connection to the BD and too many connections to them can cause a excess of sql querys and the server is down, i dont really know how to make a really solutions for all the problems and every day a script kiddie improve more the codes for a succefull attack...

the c code, has coded by hackzatan, i gonnan talk to him yo answer your question buddy...., but my perl code is working... xDDDDDDDD
so try it....

grettings from mexico, and sorry for all the problems....


Yo, sup

Thanx for the sploit, and I agree the C source has some problems....
But I got a problem with the perl code too. None of the flood methods work, cuz it looks like its flooding, but when I check the website where the forum is located, no users are created Confused . ALthough I am trying to DoS phpBB 2.0.4....

Any clue, why its not working?

------------------------------
http://xtools.org XtoolZ team
http://rst.void.ru RST Team
View user's profile Send private message
PostPosted: Mon Jun 27, 2005 5:38 pm Reply with quote
g30rg3_x
Active user
Active user
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




did you see if the forum its patched or has a visual confirmation code???

and other thing that you can overview in what kinda of language is the forum
is in others language you have to change the value of submit that i see, in some forums like spanish forums submit have the value Enviar and not submit
Code:

line 64, find:

$postit = "$uname"."$umail"."%40neosecurityteam.net&new_password=0123456&password_confirm=0123456&icq=&aim=N%2FA&msn=&yim=&website=&location=&occupation=&interests=&signature=&viewemail=0&hideonline=0&notifyreply=0&notifypm=1&popup_pm=1&attachsig=1&allowbbcode=1&allowhtml=0&allowsmilies=1&language=english&style=2&timezone=0&dateformat=D+M+d%2C+Y+g%3Ai+a&mode=register&agreed=true&coppa=0&submit=Submit";

replace with:
(for spanish forums, other forums just change it)
$postit = "$uname"."$umail"."%40neosecurityteam.net&new_password=0123456&password_confirm=0123456&icq=&aim=N%2FA&msn=&yim=&website=&location=&occupation=&interests=&signature=&viewemail=0&hideonline=0&notifyreply=0&notifypm=1&popup_pm=1&attachsig=1&allowbbcode=1&allowhtml=0&allowsmilies=1&language=english&style=2&timezone=0&dateformat=D+M+d%2C+Y+g%3Ai+a&mode=register&agreed=true&coppa=0&submit=Enviar";


if this didn't work you can make contact and resolve tha problem
at mi msn or mail at g30rg3x@chxsecurity.org

grettings from mexico
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
PostPosted: Mon Jun 27, 2005 7:41 pm Reply with quote
howitzer
Regular user
Regular user
Joined: Jun 25, 2005
Posts: 23




Thanx g30rg3_x the vicitim forum has also other language , but besides that i have created 4 users i thnik , i will try renameing the Submit. Wink

Today i`ve tryed again and i think that worked ... but the forum also suddendly goes down ... and its still down Rolling Eyes

10x again g30rg3_x i appricate ur advice ... iam gonna try with perl code ... but i forgot how to compile it Embarassed .. to compile the Perl i m gonna need C compiler same as .c right?
View user's profile Send private message
PostPosted: Mon Jun 27, 2005 9:19 pm Reply with quote
g30rg3_x
Active user
Active user
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




Perl (Practical Extraction and Report Language)

perl its an a scripting language, that means that doesn't need a compiler for gnu/linux...

but it isn't true because you can use under windows with activeperl....
so with a google search you can download and install or for linux, debian like just type apt-get install perl

grettings
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
PostPosted: Mon Jun 27, 2005 10:17 pm Reply with quote
howitzer
Regular user
Regular user
Joined: Jun 25, 2005
Posts: 23




Thanx g30rg3_x again for your help Wink

regards.
View user's profile Send private message
Hex
PostPosted: Tue Jun 28, 2005 8:19 pm Reply with quote
oxygenne
Advanced user
Advanced user
Joined: Apr 13, 2005
Posts: 52




Even the security mod could not prevent this kind of dos
Here is the error:
CGI-limits reached, please try again later!
Is it the phpbb or something else

ps Phpbb is 2.0.16 [/b]
View user's profile Send private message
Hex
PostPosted: Tue Jun 28, 2005 8:19 pm Reply with quote
oxygenne
Advanced user
Advanced user
Joined: Apr 13, 2005
Posts: 52




Even the security mod could not prevent this kind of dos
Here is the error:
CGI-limits reached, please try again later!
Is it the phpbb or something else

ps Phpbb is 2.0.16
View user's profile Send private message
PostPosted: Tue Jun 28, 2005 8:41 pm Reply with quote
howitzer
Regular user
Regular user
Joined: Jun 25, 2005
Posts: 23




True true

CGI-limits reached, please try again later!

dos is causing this error ... with the perl code for 2.0 15.
View user's profile Send private message
PostPosted: Wed Jun 29, 2005 12:01 am Reply with quote
g30rg3_x
Active user
Active user
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




the dos attack can be made for all forums and
versions who not has a visual confirmation for
register...

for evade this attack just activate the build-in
confirmation image....

i think this info would help to activate the option:
http://www.phpbbhacks.com/forums/viewtopic.php?t=40820

grettings from mexico
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
phpbb denial of service
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 2
Goto page 1, 2Next
Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.057 Seconds