Bugtraq mailing list archives

Re: Hidden requests to Apache

From: Lorenzo Pulici <webmaster () weitzmann it>
Date: Thu, 25 Oct 2001 08:58:53 +0200

On Wed, Oct 24, 2001 at 09:09:59PM +0100, smiler wrote:

GET / HTTP/1.0 \r\r\n
In this case APACHE will print in the log file the carriage return
character. So when we try to tail the access_log file it will be shown in
the screen as :
" 414 3461.251 - - [24/Oct/2001:18:58:18 +0100] "GET / HTTP/1.0
A normal line would be :
127.0.0.1 - - [24/Oct/2001:19:00:32 +0100] "GET / HTTP/1.0" 200 164


I tested it locally on my Apache 1.3.22 and I got:

bash-2.04$ telnet 192.168.2.1 80
Trying 192.168.2.1...
Connected to 192.168.2.1.
Escape character is '^]'.
GET / HTTP/1.0 \r\r\n

On access_log:

127.0.0.1 - - [25/Oct/2001:08:48:39 +0200] "GET / HTTP/1.0 \r\r\n" 400 368


-- 
Lorenzo Pulici - webmaster () weitzmann it
       http://www.weitzmann.it

Current thread:

Hidden requests to Apache smiler (Oct 24)
- Re: Hidden requests to Apache Rasmus Bøg Hansen (Oct 25)
  - Re: Hidden requests to Apache Bob Niederman (Oct 25)
- Re: Hidden requests to Apache Lorenzo Pulici (Oct 25)
- Re: Hidden requests to Apache Jurjen Oskam (Oct 25)