Penetration Testing mailing list archives

Re: Apache Chunk Code Files


From: "Nexus" <nexus () patrol i-way co uk>
Date: Sat, 5 Apr 2003 11:43:03 +0100


----- Original Message -----
From: "Muhammad Faisal Rauf Danka" <mfrd () attitudex com>
To: <pen-test () securityfocus com>
Cc: "Asim Shaikh" <wezmaster () hotmail com>
Sent: Friday, April 04, 2003 7:39 PM
Subject: Re: Apache Chunk Code Files


> Not sure if apache-scalp exists for windows, or if someone took the time
> out to port it for win32 but you could always try to compile it on Cygwin
> over WinXP.

They (and apache-chunk.c) all compile fine first time under Cygwin. Once
compiled, all you need are the required .dll's, mainly cygwin1.dll, to run
it on another host.

> However I'd advise you to use a real linux distribution for this purpose
> like Slackware, Redhat, Debian etc.

Why? It's very rare that I come across a remote exploit that does not
compile under Cygwin - most need no tweaking and a few require additions to
the include paths, but that's all.

Cheers.

nexus@drizzt ~/Misc Code
$ gcc apache-scalp.c -o foo.exe

nexus@drizzt ~/Misc Code
$ ./foo.exe
Usage: ./foo <target#|base address> <ip[:port]>
  Using targets:        ./apache-scalp 3 127.0.0.1:8080
  Using bruteforce:     ./apache-scalp 0x8f000 127.0.0.1:8080

--- --- - Potential targets list - --- ----
Target ID / Target specification
        0 / OpenBSD 3.0 x86 / Apache 1.3.20
        1 / OpenBSD 3.0 x86 / Apache 1.3.22
        2 / OpenBSD 3.0 x86 / Apache 1.3.24
        3 / OpenBSD 3.1 x86 / Apache 1.3.20
        4 / OpenBSD 3.1 x86 / Apache 1.3.23
        5 / OpenBSD 3.1 x86 / Apache 1.3.24
        6 / OpenBSD 3.1 x86 / Apache 1.3.24 #2

nexus@drizzt ~/Misc Code
$ strings foo.exe | grep .dll
cygwin1.dll
KERNEL32.dll

nexus@drizzt ~/Misc Code
$ uname -a
CYGWIN_NT-5.0 drizzt 1.3.22(0.78/3/2) 2003-03-18 09:20 i686 unknown unknown
Cygwin

nexus@drizzt ~/Misc Code

