Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
March 19, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 481
Members: 0
Total: 481
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpBB -> phpbb denial of service Goto page 1, 2  Next
Post new topic  Reply to topic View previous topic :: View next topic 
phpbb denial of service
PostPosted: Fri Jun 24, 2005 6:59 pm Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




Any fix for the latest dos exploit in phpbb 2.0.15 Confused
View user's profile Send private message
PostPosted: Fri Jun 24, 2005 8:46 pm Reply with quote
g30rg3_x
Active user
Active user
 
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




sorry but de NsT members dont really now why our advisory with the fixes are not in public, but the tools are now in milw0rm.com for full public (script kiddies acces):

the Advisory:
-------------------------------------------------
Edit For Post Best View
Link:
http://www.chxsecurity.org/Advisory-15.txt
--------------------------------------------------

sorry for the missunderstading

excuses all NsT Team for the problems with our PoC's

PD: The NsT web is off because a moving of hosting provider but you can view in our temporarily mirror http://www.chxsecurity.org/Advisory-15.txt


Last edited by g30rg3_x on Wed Jun 29, 2005 2:17 am; edited 2 times in total
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
PostPosted: Sun Jun 26, 2005 9:33 am Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




Hmm a friend of mine forum(phpbb) is attacked recently with some kind of DOS with about 120 simultaneus connection from same ip.The attacker uses some kind of crawling method.Provider is not able to limit the connections from same ip,any suggestions .Thanks
View user's profile Send private message
PostPosted: Mon Jun 27, 2005 11:30 am Reply with quote
howitzer
Regular user
Regular user
 
Joined: Jun 25, 2005
Posts: 23




Ok i`ve tryed with dos on phpbb forum with the new exploit but seems like i have a problem ...
i`ve compiled the .c file and then i started the process

i`ve got it from

Code:
http://www.milw0rm.com/id.php?id=1064


OK so the next step was

Code:

bash-2.05$ ./NsT-phpBBDoS /tforum/ profile.php *****.com
 [+] NsT-phpBBDoS v0.1 by HaCkZaTaN [+] NeoSecurityTeam
 [+] Dos has begun....[+] ......................................................................................................


And then ive noticed on the vicitims forum that the expliot has created only 4 user with NsT name .....i ve tryed like 7 times with dos but no luck to create more users.

So , does somebody knows how to make it work ? and whats the problem.

10x forward
View user's profile Send private message
PostPosted: Mon Jun 27, 2005 4:35 pm Reply with quote
g30rg3_x
Active user
Active user
 
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




ummmm...

as you know de script kiddies, doesn't wait and then improve our poc's and make a app that can uses more than one conecction for sending truth a socket the HTTP Commands, the obviosly in this case is patch de forum our disable the functions....

we also know that the problem is not completly fixed, because the DoS have make for every part in the phpBB 2.0.15 and prior that makes a connection to the BD and too many connections to them can cause a excess of sql querys and the server is down, i dont really know how to make a really solutions for all the problems and every day a script kiddie improve more the codes for a succefull attack...

the c code, has coded by hackzatan, i gonnan talk to him yo answer your question buddy...., but my perl code is working... xDDDDDDDD
so try it....

grettings from mexico, and sorry for all the problems....
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
Mod security
PostPosted: Mon Jun 27, 2005 4:55 pm Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




Next step is that we will install "mod security" i heard it has some kind of dos protection so we will see it,anyway thanks for reply
View user's profile Send private message
PostPosted: Mon Jun 27, 2005 5:15 pm Reply with quote
Mercury_X
Beginner
Beginner
 
Joined: Jun 27, 2005
Posts: 1




g30rg3_x wrote:
ummmm...

as you know de script kiddies, doesn't wait and then improve our poc's and make a app that can uses more than one conecction for sending truth a socket the HTTP Commands, the obviosly in this case is patch de forum our disable the functions....

we also know that the problem is not completly fixed, because the DoS have make for every part in the phpBB 2.0.15 and prior that makes a connection to the BD and too many connections to them can cause a excess of sql querys and the server is down, i dont really know how to make a really solutions for all the problems and every day a script kiddie improve more the codes for a succefull attack...

the c code, has coded by hackzatan, i gonnan talk to him yo answer your question buddy...., but my perl code is working... xDDDDDDDD
so try it....

grettings from mexico, and sorry for all the problems....


Yo, sup

Thanx for the sploit, and I agree the C source has some problems....
But I got a problem with the perl code too. None of the flood methods work, cuz it looks like its flooding, but when I check the website where the forum is located, no users are created Confused . ALthough I am trying to DoS phpBB 2.0.4....

Any clue, why its not working?

------------------------------
http://xtools.org XtoolZ team
http://rst.void.ru RST Team
View user's profile Send private message
PostPosted: Mon Jun 27, 2005 5:38 pm Reply with quote
g30rg3_x
Active user
Active user
 
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




did you see if the forum its patched or has a visual confirmation code???

and other thing that you can overview in what kinda of language is the forum
is in others language you have to change the value of submit that i see, in some forums like spanish forums submit have the value Enviar and not submit
Code:

line 64, find:

$postit = "$uname"."$umail"."%40neosecurityteam.net&new_password=0123456&password_confirm=0123456&icq=&aim=N%2FA&msn=&yim=&website=&location=&occupation=&interests=&signature=&viewemail=0&hideonline=0&notifyreply=0&notifypm=1&popup_pm=1&attachsig=1&allowbbcode=1&allowhtml=0&allowsmilies=1&language=english&style=2&timezone=0&dateformat=D+M+d%2C+Y+g%3Ai+a&mode=register&agreed=true&coppa=0&submit=Submit";

replace with:
(for spanish forums, other forums just change it)
$postit = "$uname"."$umail"."%40neosecurityteam.net&new_password=0123456&password_confirm=0123456&icq=&aim=N%2FA&msn=&yim=&website=&location=&occupation=&interests=&signature=&viewemail=0&hideonline=0&notifyreply=0&notifypm=1&popup_pm=1&attachsig=1&allowbbcode=1&allowhtml=0&allowsmilies=1&language=english&style=2&timezone=0&dateformat=D+M+d%2C+Y+g%3Ai+a&mode=register&agreed=true&coppa=0&submit=Enviar";


if this didn't work you can make contact and resolve tha problem
at mi msn or mail at g30rg3x@chxsecurity.org

grettings from mexico
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
PostPosted: Mon Jun 27, 2005 7:41 pm Reply with quote
howitzer
Regular user
Regular user
 
Joined: Jun 25, 2005
Posts: 23




Thanx g30rg3_x the vicitim forum has also other language , but besides that i have created 4 users i thnik , i will try renameing the Submit. Wink

Today i`ve tryed again and i think that worked ... but the forum also suddendly goes down ... and its still down Rolling Eyes

10x again g30rg3_x i appricate ur advice ... iam gonna try with perl code ... but i forgot how to compile it Embarassed .. to compile the Perl i m gonna need C compiler same as .c right?
View user's profile Send private message
PostPosted: Mon Jun 27, 2005 9:19 pm Reply with quote
g30rg3_x
Active user
Active user
 
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




Perl (Practical Extraction and Report Language)

perl its an a scripting language, that means that doesn't need a compiler for gnu/linux...

but it isn't true because you can use under windows with activeperl....
so with a google search you can download and install or for linux, debian like just type apt-get install perl

grettings
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
PostPosted: Mon Jun 27, 2005 10:17 pm Reply with quote
howitzer
Regular user
Regular user
 
Joined: Jun 25, 2005
Posts: 23




Thanx g30rg3_x again for your help Wink

regards.
View user's profile Send private message
Hex
PostPosted: Tue Jun 28, 2005 8:19 pm Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




Even the security mod could not prevent this kind of dos
Here is the error:
CGI-limits reached, please try again later!
Is it the phpbb or something else

ps Phpbb is 2.0.16 [/b]
View user's profile Send private message
Hex
PostPosted: Tue Jun 28, 2005 8:19 pm Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




Even the security mod could not prevent this kind of dos
Here is the error:
CGI-limits reached, please try again later!
Is it the phpbb or something else

ps Phpbb is 2.0.16
View user's profile Send private message
PostPosted: Tue Jun 28, 2005 8:41 pm Reply with quote
howitzer
Regular user
Regular user
 
Joined: Jun 25, 2005
Posts: 23




True true

CGI-limits reached, please try again later!

dos is causing this error ... with the perl code for 2.0 15.
View user's profile Send private message
PostPosted: Wed Jun 29, 2005 12:01 am Reply with quote
g30rg3_x
Active user
Active user
 
Joined: Jan 23, 2005
Posts: 31
Location: OutSide Of The PE




the dos attack can be made for all forums and
versions who not has a visual confirmation for
register...

for evade this attack just activate the build-in
confirmation image....

i think this info would help to activate the option:
http://www.phpbbhacks.com/forums/viewtopic.php?t=40820

grettings from mexico
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
phpbb denial of service
  www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 2  
Goto page 1, 2  Next
  
  
 Post new topic  Reply to topic  




Powered by phpBB © 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.174 Seconds