AmpJuke version 0.8.5 with Apache mod_negotiation suffers from a directory listing vulnerability.
66a33ea5e3bae7835afaeffc341e89465322c61b1372aa317bfcf3868a659ccf=======================================================================
AmpJuke Version 0.8.5 Apache mod_negotiation filename bruteforcing Vulnerability
=======================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0
0 . .--. .--. .---. . 1
1 .'| ) ) / | 0
0 | --: --: / .-.| .-. . . 1
1 | ) ) / ( |( ) | | 0
0 '---' `--' `--' ' `-'`-`-'`-`--| 1
1 ; 0
0 Site : 1337day.com `-' 1
1 Support e-mail : submit[at]inj3ct0r.com 0
0 >> Exploit database separated by exploit 1
1 type (local, remote, DoS, etc.) 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=1
#######################################################
# Vendor: http://www.ampjuke.org/
# Date: 2011-07-27
# Author : indoushka
+++=[ Dz Offenders Cr3w ]=+++
# KedAns-Dz * Caddy-Dz * Kalashinkov3
# Jago-dz * Kha&miX * T0xic * Ev!LsCr!pT_Dz
# Contact : ind0ushka@hotmail.com
# Tested on : win SP2 + SP3 Fr / Back | Track 5 fr
########################################################################
# Exploit By indoushka
-------------
Vulnerability description :
mod_negotiation is an Apache module responsible for selecting the document that best matches the clients capabilities, from one of several available documents. If the client provides an invalid Accept header, the server will respond with a 406 Not Acceptable error containing a pseudo directory listing. This behaviour can help an attacker to learn more about his target, for example, generate a list of base names, generate a list of interesting extensions, look for backup files and so on.
This vulnerability affects Web Server.
Discovered by:
Scripting (Apache_mod_negotiation_Filename_Bruteforcing.script).
The impact of this vulnerability
Possible information disclosure: directory listing, filename bruteforcing, backup files.
Attack details
Pattern found:
<title>406 Not Acceptable</title>
How to fix this vulnerability :
Disable the MultiViews directive from Apache's configuration file and restart Apache.
You can disable MultiViews by creating a .htaccess file containing the following line:
Options -Multiviews
Directory Listing :
/tmp/banned_ips.txt
Dz-Ghost Team ===== Saoucha * Star08 * Cyber Sec * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ===========================
special thanks to : r0073r (inj3ct0r.com) * L0rd CruSad3r * MaYur * MA1201 * KeDar * Sonic * gunslinger_ * SeeMe * RoadKiller
Sid3^effects * aKa HaRi * His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net
MR.SoOoFe * ThE g0bL!N * AnGeL25dZ * ViRuS_Ra3cH * Sn!pEr.S!Te
---------------------------------------------------------------------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed