Metasploit mailing list archives
Balasan: Re: [framework] apache vuln code and etc. (need help)
From: hdm at metasploit.com (H D Moore)
Date: Sun, 26 Jun 2005 02:34:19 -0500
On Friday 24 June 2005 05:53, Sugiowono Tjhin wrote:
> 1. I already tried the metasploit apache exploit and exploit code from milw0rm, but they did not work. Any other tools? btw, can the apache exploit code be used for apache windows and linux? The Nessus scanner found the CVE-2002-0392 hole.
Please provide the full Apache banner and operating system version. A number of people have reported issues with the apache_chunked_win32 exploit module, but I have not been able to reproduce them here. As the "info" command and the name of the module imply, it is designed to exploit the bug on the Windows platform only.
> 2. I am pentesting an SMTP server. When I telnet to it and try to use the DATA command, it requires auth, so I want to try using a null session, but I don't know how. Can anyone help me?
It really depends on the SMTP server. If this is a Microsoft SMTP service, there are a couple flaws that can be used to bypass authentication. Jerome already pointed one of these out.
> 3. Nessus also found CVE-2002-0071 about an IIS hole (.HTR ISAPI), so I used the metasploit code IIS_HTR ...., but it also didn't work. Any idea how to prove this hole?
This is a different vulnerability. CVE-2002-0071 refers to a heap overflow; the iis40_htr exploit is for CVE-1999-0874, a stack overflow. Please check the "info iis40_htr" output or the msfweb interface References link for more information.
-HD
Current thread:
- Balasan: Re: [framework] apache vuln code and etc. (need help) Sugiowono Tjhin (Jun 24)
- Re: Balasan: Re: [framework] apache vuln code and etc. (need help) Jerome Athias (Jun 24)
- Balasan: Re: [framework] apache vuln code and etc. (need help) H D Moore (Jun 26)