Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Date: Sun Sep 09 2001 - 03:19:01 CDT
What sort of logs showed up after he ran the script? The output
is too ambiguous.
On Mon, 10 Sep 2001, Matthew S. Hallacy wrote:
> We had YASK (yet another script kiddie) join #linux on efnet tonight asking for a patch for the new
> apache exploit, knowing of no recent exploit I convinced him to try it on my machine, he claimed
> all he had was a binary compiled to only work on his machine (possible). He tried it and messaged
> me this:
> [roothisbox /]# ./apex x.x.x.x
> -= FtSoK 0wnz =-
> Checking daemon version...: Apache/1.3.19 (Unix)
> Attempting to compromise..: x.x.x.x
> Remote system is..........: Linux. (Red-Hat/Linux)
> Connected! ...but not vulnerable.
> Where x.x.x.x is the address of my machine, I was packet logging (tcpdump) but came up with nothing
> out of the ordinary, perhaps someone else knows more.
> Matthew S. Hallacy