Forum Thread: STUDENT in NEED of HELP *How Can I Use the Well-Known Vulnerabilities to Exploit Apache Server

Hey guys,

This is my first Forum post so i apologies if the post is not really detailed.

I have been a task to exploit the Vulnerabilities of Apache server as a project . I have used Kali tools such as nikto and similar tools to scan the apache server running version 2.4.10 debian and i have found few CVE's but i dont know how i can use it to exploit the system. If someone can point me to the right direction i would be so ever thank you .

7 Responses

You can check for exploits at exploit db or security focus and use metasploit to exploit the system.

I have checked them however they dont say what exploits can be used to exploit the particular Vulnerability, for example this one of the vulnerabilities from http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0253

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0253

it just talks about the issue that has been reported not how to exploit it . The exploits on Metasploit are pretty old at times .

download metasploitable and use that as practice there are plenty of tutorials available to help you demonstrate the exploitation of a vulnerable apache server. now if you are hiding behind the idea that we will help a "student" compromise a production level server you dont own you should look elsewhere.

thanks for your reply but i will not be posting with my real fb name and details and asking about hacking and exploiting apache server lol. i can give you my uni card details if your really interested...

You can exploit the vulnerability called HEARTBLEED.. To do that setup HTTPS server using apache2 on KALI linux and exploit it...If u wanna exploit the different server around the world then do find the vulnerable server to heartbleed and exploit it using metasploit or python script.

scan your target for find apache version
go to exploit data site example : exploit-db
now exploit your target .

Thanks guys! i have found Vulnerabilities for 2.4.10 Apache versions using nikto and other on-line sites in exploiting it .

Share Your Thoughts

  • Hot
  • Active