Re: Apache Chunk Code Files

From: Nexus (nexus@patrol.i-way.co.uk)
Date: Sat Apr 05 2003 - 05:43:03 EST


----- Original Message -----
From: "Muhammad Faisal Rauf Danka" <mfrd@attitudex.com>
To: <pen-test@securityfocus.com>
Cc: "Asim Shaikh" <wezmaster@hotmail.com>
Sent: Friday, April 04, 2003 7:39 PM
Subject: Re: Apache Chunk Code Files

> Not sure if apache-scalp exists for windows, or if someone took the time
out to port it for win32 but you could always >try to compile it on Cygwin
over WinXP.

They (and apache-chunk.c) all compile fine first time under Cygwin. Once
compiled, all you need are the required .dll's, mainly cygwin1.dll, to run
it on another host.

> However I'd advice you to use a real linux distribution for this purpose
like Slackware, Redhat, Debian etc.

Why ? It's very rare that I come across a remote exploit that does not
compile under Cygwin - most need no tweaking and a few require additions to
the include paths, but that's all.

Cheers.

nexus@drizzt ~/Misc Code
$ gcc apache-scalp.c -o foo.exe

nexus@drizzt ~/Misc Code
$ ./foo.exe
Usage: ./foo <target#|base address> <ip[:port]>
  Using targets: ./apache-scalp 3 127.0.0.1:8080
  Using bruteforce: ./apache-scalp 0x8f000 127.0.0.1:8080

--- --- - Potential targets list - --- ----
Target ID / Target specification
        0 / OpenBSD 3.0 x86 / Apache 1.3.20
        1 / OpenBSD 3.0 x86 / Apache 1.3.22
        2 / OpenBSD 3.0 x86 / Apache 1.3.24
        3 / OpenBSD 3.1 x86 / Apache 1.3.20
        4 / OpenBSD 3.1 x86 / Apache 1.3.23
        5 / OpenBSD 3.1 x86 / Apache 1.3.24
        6 / OpenBSD 3.1 x86 / Apache 1.3.24 #2

nexus@drizzt ~/Misc Code
$ strings foo.exe | grep .dll
cygwin1.dll
KERNEL32.dll

nexus@drizzt ~/Misc Code
$ uname -a
CYGWIN_NT-5.0 drizzt 1.3.22(0.78/3/2) 2003-03-18 09:20 i686 unknown unknown
Cygwin

nexus@drizzt ~/Misc Code

top spam and e-mail risk at the gateway.
SurfControl E-mail Filter puts the brakes on spam & viruses
and gives you the reports to prove it. See exactly how much
junk never even makes it in the door. Free 30-day trial:
http://www.securityfocus.com/SurfControl-pen-test



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:31 EDT