From: The Deviant <deviant@pooh-corner.com>
To: pjb@ny.ubs.com
Message Hash: 19fe15864e26a670a8dc17ef3feadc001aab8ac9e9a3155bd4aa1cd68790c1aa
Message ID: <Pine.LNX.3.94.961129175308.3227A-100000@random.sp.org>
Reply To: <199611291506.KAA16645@sherry.ny.ubs.com>
UTC Datetime: 1996-11-29 17:55:54 UTC
Raw Date: Fri, 29 Nov 1996 09:55:54 -0800 (PST)
From: The Deviant <deviant@pooh-corner.com>
Date: Fri, 29 Nov 1996 09:55:54 -0800 (PST)
To: pjb@ny.ubs.com
Subject: Re: cgi-bin vulnerability
In-Reply-To: <199611291506.KAA16645@sherry.ny.ubs.com>
Message-ID: <Pine.LNX.3.94.961129175308.3227A-100000@random.sp.org>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 29 Nov 1996 pjb@ny.ubs.com wrote:
> does anyone have a pointer to any sample scripts for exploiting the cgi-bin/phf
> vulnerability?
>
> cheers,
> -paul
>
If you can't figure out how, you probably don't need to know. (actually,
its so simple the average high school student could probablyfigure it out,
if they knew what %0A meant... oops.. wasn't supposed to tell you that...
;)
--Deviant
PGP KeyID = E820F015 Fingerprint = 3D6AAB628E3DFAA9 F7D35736ABC56D39
"All in all is all we are."
-- Kurt Cobain
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBMp8jSjCdEh3oIPAVAQFkoAf+Nu62ObHyWHgDvkWAqqH7QTw4svfkELTB
d5E8S1ghkyxL1219LwGljelQ+uHaZt4EGB/nnDfQo7H2J9fMDR1CLJRC+h95xxKM
mKuAVbVT1W3nPm4+WP5DIplMvF/xVmextdbGLmAfYQksXQ4uGNRuaawS9G2ffYLP
erBEN9XuxvVY0AnTYCErnpDdOhh4BNTi2+os86Ea+mXt2FG3D8y0pdfRSnOJm2YU
yvQ7pUrMfhl9DGauc+lvb42B8OXWElnjYIFloxWr+rxACzS6NCbGF3izjfTv+2HX
tRZUuwYNee3j+p7kDY9ebANJqWUcMtR9To5za1/vlA4QAtPl5HsaVw==
=3/ok
-----END PGP SIGNATURE-----
Return to November 1996
Return to “The Deviant <deviant@pooh-corner.com>”