nginx <= 1.4.0 exploit for CVE-2013-2028
Fri Jul 12 14:52:45 PDT 2013
for remote hosts:
rm state.bin when changing host (or relaunching nginx with canaries)
scan.py will find servers, reading IPs from ips.txt
This is a generic exploit for 64-bit nginx which uses a new attack technique (BROP) that does not rely on a particular target binary. It will work on any distro and even compiled from source installations.
Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32277.tgz