logoalt Hacker News

danslotoday at 5:38 PM2 repliesview on HN

This one's pretty bad but there are some preconditions.

Requires a "rewrite" directive with a questionmark in the replacement string, and then a subsequent "set" directive that references a regex capture group (e.g. set $var $1).

Also the POC assumes ASLR is disabled.

Replies

dsr_today at 5:42 PM

Does any distro disable ASLR by default?

If you were to do it by hand, nginx doesn't come to mind as a likely candidate.

show 1 reply