I uploaded a new version of lophttpd since it was
not properly decoding URL escapes (%2B etc). Not
a security issue, but it was just ignoring escapes
completely %-D
Since the download stats for lophttpd are quite
impressive, I quickly added it. I already found the first
lophttpd banners in the wild. :)
The amount of download is of course not as impressive
as for devshit. I think most people don't realize that
this is not an exploit that pops you up a rootshell.Instead
it sets up a portable HDD which, upon plugin into a vulnerable
DeviceKit installation, creates a rootshell on the system.
IOW you need console access.
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment