PHP & Apache a hazard waiting to happen (DIFF)

From: Noam Rathaus (noamrat_private)
Date: Tue Feb 26 2002 - 04:28:27 PST


    Hi,
    
    The original NASL is a bit too ... tight for some installations (i.e. Win95, ...,
    Win2k, etc.); this patch would make it a bit more generalized:
    
    Index: php_apache_win32_default.nasl
    ===================================================================
    RCS file: /usr/local/cvs/nessus-plugins/scripts/php_apache_win32_default.nasl,v
    retrieving revision 1.1
    diff -r1.1 php_apache_win32_default.nasl
    67a68,69
    >         exit(1);
    >  }
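
    Review bot: the exit(1) added at new line 68 is indented like the body of a condition, but if the line before it is a brace-less `if(...) security_hole(port);`, as at the end of the next hunk, it runs unconditionally whenever the first socket opened, so the plugin exits before the new install.txt request is ever sent. Wrap the report and the exit in one braced block, `if(... >< r) { security_hole(port); exit(1); }`, so the fallback probe still runs when the first check does not match.
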
    68a71,81
    >  req = string("GET /php/php.exe?c:\php\install.txt HTTP/1.1\r\n",
    >               "Host: ", get_host_name(), "\r\n\r\n");
    >  soc = open_sock_tcp(port);
    >  if(soc)
    >  {
    >  send(socket:soc, data:req);
    >  r = recv(socket:soc, length:2048);
    >  close(soc);
    >  if("PHP/Windows Installation Notes" >< r)
    >         security_hole(port);
    >         exit(1);
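
    Review bot: in the last three added lines the `if("PHP/Windows Installation Notes" >< r)` has no braces, so only security_hole(port) is conditional and exit(1) runs on every path despite its indentation; brace the two statements together, or drop the exit if this is the final check. The added `if(soc) {` is also never closed inside this hunk and relies on a `}` from the existing file, which is easy to break on the next edit. Since the stated goal is to generalize the check, note that the request still hard-codes c:\php\install.txt, and that the path sits in a string() call that processes escapes such as \r\n, so it is worth confirming that \p and \i are sent literally. r is also matched without checking that recv returned any data.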
    
    Thanks
    Noam Rathaus
    http://www.SecurITeam.com
    http://www.BeyondSecurity.com
    


