|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: jove
gaza.halo.nuDate: Sun Sep 09 2001 - 03:19:01 CDT
Matthew,
What sort of logs showed up after he ran the script? The output
is too ambiguous.
-Jove
On Mon, 10 Sep 2001, Matthew S. Hallacy wrote:
> howdy,
>
> We had YASK (yet another script kiddie) join #linux on efnet tonight asking for a patch for the new
> apache exploit, knowing of no recent exploit I convinced him to try it on my machine, he claimed
> all he had was a binary compiled to only work on his machine (possible). He tried it and messaged
> me this:
>
> [roothisbox /]# ./apex x.x.x.x
> -= FtSoK 0wnz =-
> Checking daemon version...: Apache/1.3.19 (Unix)
> Attempting to compromise..: x.x.x.x
> Remote system is..........: Linux. (Red-Hat/Linux)
> Connected! ...but not vulnerable.
>
>
> Where x.x.x.x is the address of my machine, I was packet logging (tcpdump) but came up with nothing
> out of the ordinary, perhaps someone else knows more.
>
>
> Matthew S. Hallacy
>
>
> --
> --
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]