CVE-2013-2028
nginx 1.3.9-1.4.0 - Remote Code Execution via Chunked Transfer-Encoding
Exploitation Summary
EIP tracks 12 public exploits for CVE-2013-2028.
PoCs published by Metasploit, sorbo, kingcope, including Metasploit module exploits/linux/http/nginx_chunked_size.
AI-analyzed exploit summary: This Metasploit module exploits a stack buffer overflow in nginx versions 1.3.9 to 1.4.0 via a malformed chunked encoding request. It bypasses stack canary protection through brute-forcing and achieves remote code execution on vulnerable systems.
Description
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
Exploits (12)
This Metasploit module exploits a stack buffer overflow in nginx versions 1.3.9 to 1.4.0 via a malformed chunked encoding request. It bypasses stack canary protection through brute-forcing and achieves remote code execution on vulnerable systems.
This exploit leverages the BROP (Blind Return-Oriented Programming) technique to achieve remote code execution on 64-bit nginx versions <= 1.4.0. It includes scripts for scanning, fragmentation, and exploitation, making it adaptable to various distributions and source-compiled installations.
This exploit targets a vulnerability in nginx 1.3.9/1.4.0 (CVE-2013-2028) to achieve remote code execution by leveraging a brute-force method to bypass stack protections and execute a reverse shell. It requires specific network conditions (e.g., high MTU) and is designed for x86 Linux systems.
This exploit targets a denial-of-service (DoS) vulnerability in nginx versions 1.3.9 to 1.4.0 by sending malformed chunked HTTP requests. The PoC sends a series of chunked requests with an invalid chunk size to trigger a crash or hang in the nginx server.
This repository contains the nginx 1.4.0 source code and precompiled binaries for exploiting CVE-2013-2028, a stack-based buffer overflow vulnerability. It includes a Vagrantfile for easy setup and debugging instructions.
This repository contains a working exploit PoC for CVE-2013-2028, a buffer overflow vulnerability in nginx 1.4.0. The exploit uses a ROP chain and shellcode to achieve remote code execution via a crafted HTTP request with chunked encoding.
This exploit targets an integer overflow in Nginx's chunked encoding parser (CVE-2013-2028) to achieve remote code execution via a reverse shell. It bruteforces the stack canary, leverages ROP to call mprotect, and executes shellcode.
This is a Python-based exploit PoC for CVE-2013-2028, targeting a vulnerability in nginx to bypass NX, PIE, SSP, and ASLR protections. It uses a reverse shell payload and leverages memory corruption techniques to achieve remote code execution.
This is a functional exploit for CVE-2013-2028 targeting Nginx 1.3.9/1.4.0, which leverages a stack-based buffer overflow via chunked encoding to inject and execute a bind shell payload. The exploit includes canary brute-forcing and shellcode injection for remote code execution.
This repository contains a Python script that checks if a target Nginx server is vulnerable to CVE-2013-2028 by parsing the version from the Server header. It does not exploit the vulnerability but verifies if the version falls within the affected range (1.3.9 to 1.4.0).
This repository contains a working exploit for CVE-2013-2028, targeting a stack-based buffer overflow in nginx 1.4.0. The exploit uses ROP chains to bypass DEP and execute a reverse shell payload.
This Metasploit module exploits a stack buffer overflow in nginx versions 1.3.9 to 1.4.0 via a crafted chunked encoding request, leveraging an integer overflow to achieve remote code execution.