Apache-Nosejob

From: Jeremy Junginger (jjungingerat_private)
Date: Thu Aug 22 2002 - 07:38:39 PDT

Next message: chrisdat_private: "exploiting printers, home routers & smb routers"

Previous message: Alla Bezroutchko: "Exploiting cross-domain scripting vulnerabilities?"
Next in thread: gotcha: "Re: Apache-Nosejob"
Reply: gotcha: "Re: Apache-Nosejob"
Reply: Walter Pearce: "RE: Apache-Nosejob"
Reply: Muhammad Faisal Rauf Danka: "Re: Apache-Nosejob"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Good Morning,

I've got a lab set up with the following host:

FreeBSD 4.5
Apache 1.3.23 (downloaded from
http://packetstormsecurity.org/UNIX/admin/apache_1.3.23.tar.gz )

And am running the apache-nosejob script against it in order to
understand the chunked encoding vulnerability:

http://packetstorm.decepticons.org/0206-exploits/apache-nosejob.c

When I ran ./apache-nosejob -o f -h x.x.x.x(address of host), the script
ran for over 12 hours with no successful penetration :).  I have also
tried the script with the -b 0x80a0000, -d -150, -z 36, -r 6 switches to
no avail.  Perhaps you could suggest some alternate r|d|z values for the
Brute Force settings?  Thanks,

-Jeremy

application/x-pkcs7-signature attachment: smime.p7s

Next message: chrisdat_private: "exploiting printers, home routers & smb routers"
Previous message: Alla Bezroutchko: "Exploiting cross-domain scripting vulnerabilities?"
Next in thread: gotcha: "Re: Apache-Nosejob"
Reply: gotcha: "Re: Apache-Nosejob"
Reply: Walter Pearce: "RE: Apache-Nosejob"
Reply: Muhammad Faisal Rauf Danka: "Re: Apache-Nosejob"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 22 2002 - 07:53:20 PDT