Nginx 1.4.0 (Generic Linux x64) – Remote Overflow

• Exploit Database
• 13 阅读

• 作者： sorbo
  日期： 2014-03-15
• 类别：

  • remote
  平台：

  • linux_x86-64
• 来源：https://www.exploit-db.com/exploits/32277/

• nginx <= 1.4.0 exploit for CVE-2013-2028
  by sorbo
  Fri Jul 12 14:52:45 PDT 2013
  
  ./brop.rb 127.0.0.1
  
  for remote hosts:
  ./frag.sh ip
  ./brop.rb ip
  
  rm state.bin when changing host (or relaunching nginx with canaries)
  
  scan.py will find servers, reading IPs from ips.txt
  
  
  
  This is a generic exploit for 64-bit nginx which uses a new attack technique (BROP) that does not rely on a particular target binary.It will work on any distro and even compiled from source installations.
  
  
  
  Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/32277.tgz