Metasploit mailing list archives
Lighttpd header folding exploit
From: abhisek.datta at gmail.com (Abhisek Datta)
Date: Thu, 4 Oct 2007 19:41:19 +0530
Hi, I have playing around with this bug for few weeks after it was made public. The exploit is not reliable but "works in my box" certified at least. Even after trying to make it a bit generic and work across distros and compiles, don't think it is much reliable. Attached is the exploit for people to play around and improve upon. Although the bug is old, but surely its an interesting one. -abhisek -------------- next part -------------- A non-text attachment was scrubbed... Name: lighttpd_header_folding.rb Type: application/x-ruby Size: 7220 bytes Desc: not available URL: <http://mail.metasploit.com/pipermail/framework/attachments/20071004/38855897/attachment.rb>
Current thread:
- Lighttpd header folding exploit Abhisek Datta (Oct 04)