Pages

10/25/2010

Hack(Post Exploit) into unix server via PHP+SQL injection

I should post this long ago, but for unknown reason I saved it as a draft.

Debian <=5.0.6 /Ubuntu <=10.04 Webshell-Remote-Root

# Exploit Title: Debian <=5.0.6 /Ubuntu <=10.04 Webshell-Remote-Root# Date: 24-10-2010
# Author: jmit# Mail: fhausberger[at]gmail[dot]com
# Tested on: Debian 5.0.6# CVE: CVE-2010-3856
http://www.exploit-db.com/papers/15311/



ubuntu doesn't have "nc -e .." anymore (some said use '-c' instead)
https://bugs.launchpad.net/ubuntu/+source/netcat/+bug/566377

No comments:

Post a Comment