hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > Exploit Articles
axora
Aug 4 2003, 05:29 PM
Hi there,

I checked some IPs with the LANguard Network Security Scanner and for one IP it gives the information about the "Apache Chunked-Encoding Memory Corruption Vulnerability" with the "Bugtraq ID/URL : 5033" http://www.securityfocus.com/bid/5033

Now my question: Does anyone have got a windows exploit prog for this vulnerability? Or is there just the linux c code, which is given on securitfocus-page?

Thanks for your help!
woutiir
Aug 5 2003, 02:32 AM
Well i don't really see the problem get VMWare and you can run linux underwindows, so you can easily test it out ur self! I recommend to install knoppix it'll detect everything for ya!
(http://www.knoppix.org)

Good luck

Gr. woutiir
w00dy
Aug 5 2003, 03:39 AM
an easier fix would be using a C compiler like Bloodshed C++ or a linux emulator like [URL=http://www.cygwin.org]Cygwin[/URL] rahter than install a whole operating system just to compile some C code

Why doesnt that display a link?

btw... i love the way it has just about every OS listed, EXCEPT the newer versions of FreeBSD smile.gif
makes me glad thats all i have running on my network
--Elite--
Oct 6 2003, 12:51 AM
Hi
i`ve some Q about this vuln .
the codes ( apache-scalp & nosejob ) securityfocus published ,
both have memory addresses for BSD systems .
i`m looking for a code , to exploit this vuln on Linux ( redhat ) WHITHOUT brure-forceing .
cus the brute-force mode of those codes never answered me :-/

any1 can help me ?
atrhacker
Oct 6 2003, 03:44 PM
--Elite-- i m' looking for another code than apache-scalp.c too .
a person on the forum give this name gobbles-own-linux.c ( you can see the message on this url http://forums.governmentsecurity.org/index...opic=2996&st=15 ) but i didn't find it ( i will search later

if your have new informations for that send it to me if you can ..


Thanks

Sorry for my english i'm french ^^
taktau
Dec 17 2003, 07:46 PM
http://members.lycos.co.uk/r34ct/main/PRIV...les-own-linux.c
--Elite--
Dec 17 2003, 08:14 PM
thnx friends...

the only thing i forgot :
as u know , we have same bug for win-32 apache versions !
but i saw any exploit , support those versions.
now my two little requests or better say questions tongue.gif
1- if we find win32 retuen addresses , can we use them with these avalable codes ?
( i think no myself , cus 100% we must use another shell code.... :| )
2-don`t u know any written code for win32( i mean to exploit win32 apache. )?

again thnx all
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.