RE: Apache-Nosejob
From: Walter Pearce (wpearce@automotive.com)
Date: 08/23/02
- Previous message: FX: "Re: exploiting printers, home routers & smb routers"
- Maybe in reply to: Jeremy Junginger: "Apache-Nosejob"
- Next in thread: Muhammad Faisal Rauf Danka: "Re: Apache-Nosejob"
Date: Fri, 23 Aug 2002 09:57:19 -0700
From: "Walter Pearce" <wpearce@automotive.com>
To: <vuln-dev@securityfocus.com>
The actual method of exploitation on any other operating system besides *BSD (what is supplied with that exploit) is totally different from OS to OS. Through my own research I have noticed exploitation on Linux is actually more complicated. This is why in the source they comment it took 2 months to exploit each OS; they are different methods of getting the program to run how you want.
-----Original Message-----
From: gotcha [mailto:gotcha@mymail.co.za]
Sent: Friday, August 23, 2002 9:00 AM
To: Jeremy Junginger; pen-test@securityfocus.com
Cc: vuln-dev@securityfocus.com
Subject: Re: Apache-Nosejob
Hi there
I have set up a test bed with FBSD 4.5 and also tried brute forcing but came
out with nothing, then I started doing an investigation on how I could use
this apache-nosejob and spawn a shell on Linux or Solaris SPARC and what I
was told was that if I changed the shell code and found the ret address, I
would be able to spawn a shell on the specific machine, but you guessed it
nothing, I am still testing !!!!
regards
----- Original Message -----
From: "Jeremy Junginger" <jjunginger@interactcommerce.com>
To: <pen-test@securityfocus.com>
Cc: <vuln-dev@securityfocus.com>
Sent: Thursday, August 22, 2002 7:38 AM
Subject: Apache-Nosejob
> Good Morning,
>
> I've got a lab set up with the following host:
>
> FreeBSD 4.5
> Apache 1.3.23 (downloaded from
> http://packetstormsecurity.org/UNIX/admin/apache_1.3.23.tar.gz )
>
> And am running the apache-nosejob script against it in order to
> understand the chunked encoding vulnerability:
>
> http://packetstorm.decepticons.org/0206-exploits/apache-nosejob.c
>
> When I ran ./apache-nosejob -o f -h x.x.x.x(address of host), the script
> ran for over 12 hours with no successful penetration :). I have also
> tried the script with the -b 0x80a0000, -d -150, -z 36, -r 6 switches to
> no avail. Perhaps you could suggest some alternate r|d|z values for the
> Brute Force settings? Thanks,
>
> -Jeremy
>
>