Forum Thread: Help Exploiting Apache/2.2.22

I would like to know how can i gain access or "HACK" Apache/2.2.22, because i've tried but with no success.

Thanks, Dorin

11 Responses

We need more info to help. What have you tried? What was the systems response to your attempts?

What is your main goal? Control to the system, or transferring files, etc.?

Yes I had problems with that (like port 8180 should be open which is metasploitable and some other things like creating .war files etc.) but finally I did it. (though an ftp server)

You should search that in google.. with your knowledge OR tell us all the ports open, Type of Apache server, IP, server OS, and many more. (I prefer google)

{Trying to hack your school server ..huh?}

Open ports:
21/tcp open ftp
22/tcp open ssh OpenSSH 6.0p1 Debian 4 (protocol 2.0)
80/tcp open http Apache httpd 2.2.22 ((Debian))
http-generator: Joomla! - Open Source Content Management
443/tcp open http Apache httpd 2.2.22 ((Debian))
465/tcp open smtps
5060/tcp open tcpwrapped
8080/tcp open ssl/http Apache httpd 2.2.22 ((Debian))
Running (JUST GUESSING): Linux 3.X|2.6.X (98%)
OS CPE: cpe:/o:linux:linuxkernel:3 cpe:/o:linux:linuxkernel:2.6

Aggressive OS guesses: Linux 3.2 - 3.8 (98%), Linux 2.6.32 - 3.0 (94%), Linux 2.6.32 (90%), Linux 3.1 - 3.2 (89%), Linux 3.0 - 3.2 (89%), Linux 2.6.32 - 2.6.39 (89%)

No exact OS matches for host (test conditions non-ideal).
Network Distance: 7 hops
Service Info: OS: Linux; CPE: cpe:/o:linux:linuxkernel

Thanks, Dorin

You have FTP to crack as well as SSH. That'll give you both file access and system control. Hydra will be your new friend. ;)

So How can you do this exploit process?
Sorry, mail to me.

At first i made what FEAR did trying to see port 8180 for Tomcat, but with no success, as port 8180 does not exit in this target, so i would like to know how to FULL TAKE CONTROL on this server.

Thanks, Dorin

Dorin:

I see that there is Joomla on that server. There are several new and excellent exploits in Metasploit taking advantage of Joomla. That's where I would start. Joomla is very vulnerable to attack.

In addition, check Metasploit for Apache exploits as well.

OTW

Apache 2.2.22 exploit is very simple.

can you give me more details? what vulnerability/exploit?

How i can exploit apache Apache httpd 2.2.22 ?? with metasploit

Share Your Thoughts

  • Hot
  • Active