Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2002-0082 PoC — Apache-SSL和mod_ssl 安全漏洞

Source
https://github.com/ratiros01/CVE-2002-0082
Associated Vulnerability
Title:Apache-SSL和mod_ssl 安全漏洞 (CVE-2002-0082)
Description:The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.
Description
CVE-2002-0082
Readme
Fix https://www.exploit-db.com/exploits/764 : Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow (1)
Credit : https://blog.hypn.za.net/2017/08/27/compiling-exploit-764-c-in-2017/

Dont forget to:
apt-get install libssl-dev

Compile:
gcc -o 764 764.c -lcrypto
File Snapshot

 [4.0K]  /data/pocs/4e53c44abb8514eb66f63a2ed32340cb7e2ad9de
├── [ 32K]  764.c
└── [ 279]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →