Re: Apache Exploit

From: Randy Taylor (rtaylorat_private)
Date: Mon Jun 24 2002 - 07:39:12 PDT

  • Next message: Toni Heinonen: "Re: Apache vulnerability checking"

    At 04:45 PM 6/22/2002 +0200, T0aD wrote:
    >On Fri, 21 Jun 2002 23:57:41 -0400 (EDT)
    >David Bernick <bernzat_private> wrote:
    >
    > > > In one case (the RH box), it looked like a TCP lockup condition. The 
    > thing
    > > > just stopped responding to outside stimuli, and right after that, inputs
    > > > via the local keyboard stopped as well. I haven't had time to dig 
    > into it
    > > > further.
    > >
    > > I've tested the Gobbles 'sploit against the following machines/platforms:
    > > 1. RH Linux 6.1 w Apache 1.2.x PIII 512MB
    > > 2. RH Linux 7.2 w Apache 1.3.24 PIII 512MB
    > > 3. RH Linux 7.2 w/Tux Webserver PII 128MB
    > > 4. RH Linux 7.2 w Apache 1.3.26 DualPIII 1GB
    > > 5. RH Liunx 6.1 w Apache 1.3.14 on an Alpha processor 512MB
    
    <snip>
    
    >You think thats a linux shellcode you're using ?!
    >
    >-- toad
    
    No, T0aD, it wasn't Linux shellcode - that was the point.
    
    After cracking the OBSD2.9 box, which wasn't on the target
    list, I decided to tap into part of the true spirit of the GOBBLES
    crew and ignore all instructions thereafter.
    
    So what happens when you throw GOBBLES OBSD apache-scalp
    at a FreeBSD box? A RH Linux box? Fred the W0nd3r Rabbit?
    (Fred didn't go foom! Everything else did.)
    
    My comprehension of instructions is notoriously bad. My foothold
    in this reality flickers like a bad florescent tube in a really dark
    room. My grip on sanity is tenuous at best - after all, look at who
    I work for!
    
    Randy Taylor
    Enterasys Networks
    R&D
    Dragon Team
    
    -----
    "How would you know I'm mad?" said Alice.
    "You must be", said the Cat, "or you wouldn't have come here."
    -- Lewis Carroll Alice's Adventures In Wonderland 1864
    



    This archive was generated by hypermail 2b30 : Mon Jun 24 2002 - 15:02:35 PDT