Skip to content
cyberexploits
remotemultipletext

Nginx 1.4.0 (Generic Linux x64) - Remote Exploit

Nginx 1.4.0 (Generic Linux x64) - Remote Exploit

Published on 2014-03-15

Source code

Pinned to commit 7eac4c3a2ce5
textplatforms/lin_x86-64/remote/32277.txt7eac4c3a
raw
nginx <= 1.4.0 exploit for CVE-2013-2028

by sorbo

Fri Jul 12 14:52:45 PDT 2013



./brop.rb 127.0.0.1



for remote hosts:

./frag.sh ip

./brop.rb ip



rm state.bin when changing host (or relaunching nginx with canaries)



scan.py will find servers, reading IPs from ips.txt







This is a generic exploit for 64-bit nginx which uses a new attack technique (BROP) that does not rely on a particular target binary.  It will work on any distro and even compiled from source installations.







Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32277.tgz
View on GitHub