Vulnerability Development mailing list archives
Exploiting Buffer Overflows in CGI Scripts
From: franciozzy () terra com br
Date: Tue, 04 Jun 2002 21:09:48 -0300
Hi, I was looking for papers on exploiting buffer overflows in CGI Scripts, but just couldn't manage to find any. I have several questions about: * How apache or other webservers handles requests with binary data (shellcode). * How can someone issue a "Host:" tag after the "GET ... HTTP/1.0" line, if the evil buffer will get apache to process the request. * On the above topic, is there any tricks to code the shellcode in order to avoid the webserver to do so? Thanks for any information on it, Franciozzy
Current thread:
- Exploiting Buffer Overflows in CGI Scripts franciozzy (Jun 04)
- Re: Exploiting Buffer Overflows in CGI Scripts Vladimir P (Jun 04)
- <Possible follow-ups>
- Re: Exploiting Buffer Overflows in CGI Scripts b0iler _ (Jun 06)
- RE: Exploiting Buffer Overflows in CGI Scripts Stuart Adamson (Jun 06)