Finding New Vulns With Fuzzing and Turning them Into An Exploit Part 1: Kolibri Webserver 2.0 POST Exploit Example
Tags
| attack-pattern: | Data Exploits - T1587.004 Exploits - T1588.005 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | ce04d24b-cb11-4f73-96d8-8b60c6f0a447 |
| Fingerprint | e8f29b53e436dfba |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 17, 2014, 5:26 p.m. |
| Added to db | Jan. 19, 2023, 12:05 a.m. |
| Last updated | Nov. 18, 2024, 11:23 a.m. |
| Headline | tekwizz123's Blog |
| Title | Finding New Vulns With Fuzzing and Turning them Into An Exploit Part 1: Kolibri Webserver 2.0 POST Exploit Example |
| Detected Hints/Tags/Attributes | 49/1/34 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 1 | cve-2010-5301 |
|
| Details | CVE | 1 | cve-2014-4158 |
|
| Details | CVE | 1 | cve-2014-5289 |
|
| Details | Domain | 61 | seclists.org |
|
| Details | Domain | 63 | www.rapid7.com |
|
| Details | Domain | 132 | www.exploit-db.com |
|
| Details | Domain | 1 | www.senkas.com |
|
| Details | Domain | 26 | mitre.org |
|
| Details | Domain | 1 | 1337day.com |
|
| Details | Domain | 34 | packetstormsecurity.com |
|
| Details | Domain | 10 | osvdb.org |
|
| Details | Domain | 243 | cve.mitre.org |
|
| Details | Domain | 21 | mona.py |
|
| Details | Domain | 16 | www.corelan.be |
|
| Details | 1 | cve-assign@mitre.org |
||
| Details | File | 20 | mona.py |
|
| Details | File | 18 | pattern_create.rb |
|
| Details | File | 16 | pattern_offset.rb |
|
| Details | File | 37 | www.core |
|
| Details | File | 1207 | index.php |
|
| Details | File | 98 | download.php |
|
| Details | File | 1 | calais.asmx |
|
| Details | File | 1 | post.spk |
|
| Details | IPv4 | 1 | 192.168.99.142 |
|
| Details | IPv4 | 1 | 192.168.82.129 |
|
| Details | Url | 2 | http://seclists.org/bugtraq/2014/aug/86 |
|
| Details | Url | 1 | http://www.rapid7.com/db/modules/exploit/windows/http/kolibri_http |
|
| Details | Url | 1 | http://www.exploit-db.com/exploits/34059 |
|
| Details | Url | 1 | http://www.exploit-db.com/exploits/33027/. |
|
| Details | Url | 1 | http://www.senkas.com/kolibri-plus |
|
| Details | Url | 1 | http://osvdb.org/show/osvdb/110142 |
|
| Details | Url | 1 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014 |
|
| Details | Url | 1 | https://www.corelan.be/index.php/2011/11/18/wow64-egghunter/. |
|
| Details | Url | 1 | http://www.senkas.com/kolibri/download.php |