Nginx 1.4.0 (Generic Linux x64) - Remote Overflow

Author: sorbo
type: remote
platform: linux_x86-64
port: 
date_added: 2014-03-20  
date_updated: 2017-11-22  
verified: 0  
codes: CVE-2013-2028  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comnginx-1.4.0.tar.gz  

raw file: 32277.txt  

nginx <= 1.4.0 exploit for CVE-2013-2028
by sorbo
Fri Jul 12 14:52:45 PDT 2013

./brop.rb 127.0.0.1

for remote hosts:
./frag.sh ip
./brop.rb ip

rm state.bin when changing host (or relaunching nginx with canaries)

scan.py will find servers, reading IPs from ips.txt



This is a generic exploit for 64-bit nginx which uses a new attack technique (BROP) that does not rely on a particular target binary.  It will work on any distro and even compiled from source installations.



Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/32277.tgz