Full Disclosure: Re: Apache 2.2.17 exploit?

Re: Apache 2.2.17 exploit?

From: Kai <kai () rhynn net>
Date: Wed, 05 Oct 2011 01:39:44 +0400

 Hi halfdog,

Just for those, who want to build their own apache shell code for
testing purposes, this snip might be of some use. It uses the still
open tcp connections to the server to spawn the shells, so that no
backconnect is needed. Of course, it does not give remote root but
only httpd user privs. And you should send "exec 1>&0" as first
command if you want to see remote shell stdout.


 wasn't that bug fixed a long ago? https://bugs.php.net/bug.php?id=38915 
 ---> https://issues.apache.org/bugzilla/show_bug.cgi?id=46425
 sorry if i'm talking about different thing.

-- 
 Cheers,

 Kai

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: Apache 2.2.17 exploit?, (continued)
(Thread continues...)