Nginx CVE-2017-7529 Vulnerability Probe
Overview
A single-file Python security script that probes a target web server for the Nginx CVE-2017-7529 range-filter integer-overflow vulnerability and reports whether the host appears vulnerable.
Why It Exists
A focused security-research exercise: implement and understand a known CVE detector. It sends a crafted Range header and inspects the response for the tell-tale 206 Partial Content / Content-Range behavior that indicates the overflow condition.
What We Built
do.py is a self-contained checker using the requests library. It first issues a baseline GET to read the Server header and content length, then constructs a malicious negative-range Range header derived from the response size and re-requests, classifying the target as vulnerable when it returns a 206 with a Content-Range. It runs as a CLI taking a single URL argument and logs status throughout.
Technologies & Approach
Plain Python plus requests, intentionally minimal so the detection logic is transparent and auditable. The script encodes the CVE’s exploitation primitive (negative byte ranges) directly.
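The negative byte ranges described above can also be spotted from the server side. The following is an added example, not code from do.py: it parses Range header values and flags the ones that look like overflow probing. The names parse_range, assess and scan, the HUGE threshold and the sample values are all assumptions constructed for illustration.

```python
import re

HUGE = 2**62  # heuristic threshold (assumption): no real resource is this large
_SPEC = re.compile(r"^(\d*)-(\d*)$")

def parse_range(value):
    """Parse 'bytes=a-b,-n' into (first, last, suffix) tuples; None if malformed."""
    unit, sep, specs = value.strip().partition("=")
    if not sep or unit.strip().lower() != "bytes":
        return None
    out = []
    for spec in specs.split(","):
        m = _SPEC.match(spec.strip())
        if not m or m.groups() == ("", ""):
            return None
        first, last = m.groups()
        if first == "":
            out.append((None, None, int(last)))  # suffix form: last N bytes
        else:
            out.append((int(first), int(last) if last else None, None))
    return out

def assess(value, content_length):
    """Return the reasons a Range header looks like an overflow probe."""
    ranges = parse_range(value)
    if ranges is None:
        return ["malformed"]
    reasons = []
    # A suffix longer than the body is legal HTTP but rare from real clients.
    if any(s is not None and s > content_length for _, _, s in ranges):
        reasons.append("suffix-exceeds-body")
    # Offsets or lengths approaching 2**63 have no legitimate use on real files.
    if any(n is not None and n >= HUGE for r in ranges for n in r):
        reasons.append("value-near-int64")
    return reasons

# Constructed samples: (Range header value, size of the requested resource).
SAMPLES = [
    ("bytes=0-1023", 612),
    ("bytes=-200", 612),
    ("bytes=-5000", 612),
    ("bytes=-1000,-9223372036854775000", 612),
    ("bytes=abc", 612),
]

def scan(samples=SAMPLES):
    """Return only the samples that produced at least one reason."""
    return [(v, r) for v, n in samples if (r := assess(v, n))]

if __name__ == "__main__":
    for value, reasons in scan():
        print(f"{value!r}: {', '.join(reasons)}")
```

A "suffix-exceeds-body" hit on its own is weak evidence; the combination with "value-near-int64" is the pattern worth alerting on.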
Outcome / Impact
A working, readable CVE detector demonstrating practical understanding of HTTP range-request internals and vulnerability assessment, the kind of capability relevant to security reviews and hardening work.
Capabilities Demonstrated
- Translating a published CVE into a working detection script
- HTTP protocol-level manipulation (crafted Range headers)
- Clear, auditable CLI security tooling in Python