Vulnerability Development mailing list archives

Re: Apache exploit or stupid script kiddie?

From: <jove () gaza halo nu>
Date: Sun, 9 Sep 2001 03:19:01 -0500 (CDT)

Matthew,

        What sort of logs showed up after he ran the script?  The output
is too ambiguous.

-Jove

On Mon, 10 Sep 2001, Matthew S. Hallacy wrote:

howdy,

We had YASK (yet another script kiddie) join #linux on efnet tonight asking for a patch for the new
apache exploit, knowing of no recent exploit I convinced him to try it on my machine, he claimed
all he had was a binary compiled to only work on his machine (possible). He tried it and messaged
me this:

 [root@hisbox /]# ./apex x.x.x.x
 -= FtSoK 0wnz =-
 Checking daemon version...: Apache/1.3.19 (Unix)
 Attempting to compromise..: x.x.x.x
 Remote system is..........: Linux. (Red-Hat/Linux)
 Connected! ...but not vulnerable.


Where x.x.x.x is the address of my machine, I was packet logging (tcpdump) but came up with nothing
out of the ordinary, perhaps someone else knows more.


                                      Matthew S. Hallacy


--
--

Current thread:

Apache exploit or stupid script kiddie? Matthew S. Hallacy (Sep 10)
- Re: Apache exploit or stupid script kiddie? dove (Sep 11)
- Re: Apache exploit or stupid script kiddie? jove (Sep 11)
- Re: Apache exploit or stupid script kiddie? Matthew S. Hallacy (Sep 12)
- <Possible follow-ups>
- RE: Apache exploit or stupid script kiddie? auto241065 (Sep 11)