exploit mod_ssl?

No explicit questions like "how do I hack xxx.com" please!
Post Reply
User avatar
elf
Newbie
Newbie
Posts: 3
Joined: 21 Mar 2006, 17:00
15

exploit mod_ssl?

Post by elf »

an site have a hole, named 'Old mod_ssl versions might be susceptible to security flaws'

how to 'use' it? =)

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11600
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

first you need to know the exact version, then check on the well-known sites like packetstormsecurity or milw0rm for an exploit.
but don´t expect to find something like an .exe where you can klick a button, you will most likely have to edit/compile the codes by yourself...some codes may even contain errors which are included to keep skiddies away from using them.
:wink:

User avatar
elf
Newbie
Newbie
Posts: 3
Joined: 21 Mar 2006, 17:00
15

Post by elf »

unfortunately I AM a sk... yet.

but everybody first must be a sk - wrong?


i found the file written in C. i will see what i can do...
may i expect some edification?

this is the server: Apache-AdvancedExtranetServer
/2.0.50 (Mandrakelinux/7.2.101mdk) mod_log_sql
/1.98 mod_auth_external
/2.2.7 auth_radius
/1.7PR1 AuthentiCache
/2.0.6 mod_ssl
/2.0.50 OpenSSL
/0.9.7d PHP
/4.3.8

what means every line?

User avatar
CommonStray
Forum Assassin
Forum Assassin
Posts: 1214
Joined: 20 Aug 2005, 16:00
16

Post by CommonStray »

since its written in C, you can d/l a compiler you can run from cmd.exe (command prompt)

Post Reply