Sign in to follow this  
Followers 0
desmondeus

Someone help me already

39 posts in this topic

bash

while true; do curl http://h1.ripway.com/acedaarcher/BinRev/next.php -d 'act=Login&CODE=01&s=$RANDOM530afe53e91ae89129751338828&referer=http%3A%2F%2Fwww.binrev.com%2Fforums%2Findex.php%3Fact%3Dpost%26do%3Dreply_post%26f%3D5%26t%3D38443&CookieDate=1&UserName=rmccurdy.com&PassWord=rmccurdy.com&submit=Log+In';done

0

Share this post


Link to post
Share on other sites
If you want to be really clever, crawl the binrev site and get a list of usernames instead of random words

if you do it on the fly it sadly reduces the speed greatly, but saving out to a wordlist would not be out of the question... Also, I have a suspicion that I'm doing it wrong but I don't really feel like going back and looking into it deeply right now ;)

#!/usr/bin/php
<?php

function random_user() {
$rand_user = mt_rand(1, 15627);

$binrev = fsockopen("www.binrev.com", 80);
$get = "GET /forums/index.php?showuser=$rand_user HTTP/1.1\r\nHost: www.binrev.com\r\nConnection: Close\r\n\r\n";

fwrite($binrev, $get);
while ($buffer = fgets($binrev, 120)) {
if (preg_match("/<h3 style=\'font-size:20px\'>(.*)<\/h3>/", $buffer, $name)) {
fclose($binrev);
return $name[1];
}
}
fclose($binrev);
return random_user();
}

$dict=file_get_contents("/usr/share/dict/words", FILE_TEXT);
$dict=explode("\n", $dict);

for ($i = 1; $i <= $argv[1]; $i++) {
$user = random_user();
$line = mt_rand(0, sizeof($dict)-1);
$pass = $dict[$line];
$sess = md5($user);

$http = "GET /acedaarcher/BinRev/next.php?act=Login&CODE=01&s=" . $sess . "&referer=http%3A%2F%2Fwww.binrev.com%2Fforums%2Findex.php%3Fact%3Dpost%26do%3Dreply_post%26f%3D5%26t%3D38443&CookieDate=1&UserName=" . $user . "&PassWord=" . $pass . "&submit=Log+In HTTP/1.1\r\n";
$http .= "Host: h1.ripway.com\r\n\r\n";
$sock = fsockopen("h1.ripway.com", 80);
fwrite($sock, $http);
print "Submitting: User = $user - Pass = $pass\n";
fclose($sock);
}

?>

Oh, and this doesn't draw the max_users because I'm not yet bored enough... yet

Edited by n3xg3n
0

Share this post


Link to post
Share on other sites

http://h1.ripway.com/acedaarcher/next.php

Ripway Web Hosting

File Not Found

The file or folder you've requested could not be found. Please check the URL and try again.

-_-

----

edit: hmm, it still works from the BinRev refferer, but is 404 from the other phish page =/

Edited by n3xg3n
0

Share this post


Link to post
Share on other sites

Yeah, I noticed that myself. There are a couple other threads I've seen from members that have recently joined that make me think binrev is currently being hit by hordes of trolls.

0

Share this post


Link to post
Share on other sites

Honestly, I hope someone else tries something like this. It made for some interesting posts.

0

Share this post


Link to post
Share on other sites
Honestly, I hope someone else tries something like this. It made for some interesting posts.

yeah, no kidding.. Every bit helps put the picture together.

0

Share this post


Link to post
Share on other sites

two words about this thread:

FUCKING SAVED!! :)

0

Share this post


Link to post
Share on other sites
http://h1.ripway.com/acedaarcher/next.php

Ripway Web Hosting

File Not Found

The file or folder you've requested could not be found. Please check the URL and try again.

-_-

----

edit: hmm, it still works from the BinRev refferer, but is 404 from the other phish page =/

its http://h1.ripway.com/acedaarcher/BinRev/next.php ,.. see my while looop curl post above ;P

0

Share this post


Link to post
Share on other sites

Why did someone rate the thread 1 star? Come on, let's get the average back up to 5 stars! :P

0

Share this post


Link to post
Share on other sites

My favorite part of this thread...

can a mod give me his ip address?
0

Share this post


Link to post
Share on other sites
My favorite part of this thread...
can a mod give me his ip address?

what... i just wanted to see if he was dumb enough to not proxy.. lol

0

Share this post


Link to post
Share on other sites
what... i just wanted to see if he was dumb enough to not proxy.. lol

LOL :D

0

Share this post


Link to post
Share on other sites
My favorite part of this thread...
can a mod give me his ip address?

what... i just wanted to see if he was dumb enough to not proxy.. lol

Riiiiiiiiiiiight ;)

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0