Vulnerability Development mailing list archives
Re: Apache exploit or stupid script kiddie?
From: <jove () gaza halo nu>
Date: Sun, 9 Sep 2001 03:19:01 -0500 (CDT)
Matthew, What sort of logs showed up after he ran the script? The output is too ambiguous. -Jove On Mon, 10 Sep 2001, Matthew S. Hallacy wrote:
howdy, We had YASK (yet another script kiddie) join #linux on efnet tonight asking for a patch for the new apache exploit, knowing of no recent exploit I convinced him to try it on my machine, he claimed all he had was a binary compiled to only work on his machine (possible). He tried it and messaged me this: [root@hisbox /]# ./apex x.x.x.x -= FtSoK 0wnz =- Checking daemon version...: Apache/1.3.19 (Unix) Attempting to compromise..: x.x.x.x Remote system is..........: Linux. (Red-Hat/Linux) Connected! ...but not vulnerable. Where x.x.x.x is the address of my machine, I was packet logging (tcpdump) but came up with nothing out of the ordinary, perhaps someone else knows more. Matthew S. Hallacy -- --
Current thread:
- Apache exploit or stupid script kiddie? Matthew S. Hallacy (Sep 10)
- Re: Apache exploit or stupid script kiddie? dove (Sep 11)
- Re: Apache exploit or stupid script kiddie? jove (Sep 11)
- Re: Apache exploit or stupid script kiddie? Matthew S. Hallacy (Sep 12)
- <Possible follow-ups>
- RE: Apache exploit or stupid script kiddie? auto241065 (Sep 11)