On 02/09/2011 14:12, Edward Quick wrote:
> Hi there,
>
> I was testing out the packet forgery example (at
> https://issues.apache.org/bugzilla/show_bug.cgi?id=51698)
> to see if my site was vulnerable and got the following results.
> I'm not sure looking at the code comments in ForwardRequestForgeryExample.java
> if the output below means it's vulnerable and what exactly that exploited.
Yes, you are vulnerable. The attack exploits a bug in the AJP connector you have configured.

> Could someone give me a hand please?

See above.

Mark

> Thanks,
>
> Ed.
>
> C:>java -cp . ForwardRequestForgeryExample
> Sending AJP Forward-Request Packet...
> End
>
> $ tail -f catalina.out
> Invoke HelloWorldExample.doPost method:
> -------------------------------------------
> Host: my.evil-site.com
> RemoteAddr: 1.2.3.4
> LocalPort: 999
> woo: I am here