Full Disclosure mailing list archives
Exploiting apache
From: <International-Asso () web de>
Date: Thu, 24 Feb 2005 15:37:15 +0100
Hello everyone, Last time I have checked my apache log files, I made a funny discovery. There was the following logfile entry: ############################################### 84.XX.XX.159 - - [31/Jan/2005:22:46:38 +0000] "SEARCH /\x90\x02\xb1\x02\xb1\x02\xb1\x02\xb1\[...] ############################################### Having a closer lock at the structure of this entry... ############################################################### "SEARCH \x90[\x02\xb1 (reapeated 1075 times)][\x90 (repeated 10332 times)]" ############################################################### So, is this a part of an expoit or is it just a funny malformed query? If it is an exploit, is there a straigt forward method for reengineering this expoit? Thanks in advance, markus ______________________________________________________________ Verschicken Sie romantische, coole und witzige Bilder per SMS! Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Exploiting apache International-Asso (Feb 24)
- Re: Exploiting apache Ron (Feb 24)
- Re: Exploiting apache 404 (Feb 24)
- Re: Exploiting apache devis (Feb 24)
- Re: Exploiting apache Nick FitzGerald (Feb 24)