attempting to demonstrate CVE-2010-0425 – Digitalmunition

attempting to demonstrate CVE-2010-0425

Home Forums attempting to demonstrate CVE-2010-0425

This topic contains 0 replies, has 1 voice, and was last updated by  BrianMiz 7 months, 2 weeks ago.

  • Author
  • #146280


    I have a very basic understanding of this vulnerability and i am trying to demonstrate it for school, i currently have a Windows Server 2008 VM with Apache 2.2.8 running on it. My Kali VM is on the same network and i am able to see the http server running on port 80 with an nmap scan. i have the Apache mod_isapi dangling pointer metasploit module and it appears to be working correctly but i do not notice any change in my Apache Server. the Youtube video on the exploit allows the attacker to get root access through telnet but other sources say that the exploit results in a crash or DOS for the web server.

    I dont really know what im doing but i feel like im close, can anyone point me in the right direction? heres a screenshot of me running the metasploit module against the server ip

You must be logged in to reply to this topic.