Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Exploiting apache
From: <International-Asso () web de>
Date: Thu, 24 Feb 2005 15:37:15 +0100

Hello everyone,

Last time I have checked my apache log files, I made a
funny discovery.

There was the following logfile entry:

###############################################
84.XX.XX.159 - - [31/Jan/2005:22:46:38 +0000] "SEARCH 
/\x90\x02\xb1\x02\xb1\x02\xb1\x02\xb1\[...]
###############################################


Having a closer lock at the structure of this entry...

###############################################################
"SEARCH \x90[\x02\xb1 (reapeated 1075 times)][\x90 (repeated 10332 times)]"
###############################################################


So, is this a part of an expoit or is it just a funny malformed query?

If it is an exploit, is there a straigt forward method for reengineering 
 this expoit?


Thanks in advance,
markus
______________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]