要求获取服务器用户密码，我通过zenmap看了它的弱点，说
|_http-frontpage-login: false

| http-vuln-cve2011-3192: 

|   VULNERABLE:

|   Apache byterange filter DoS

|     State: VULNERABLE

|     IDs:  OSVDB:74721  CVE:CVE-2011-3192

|       The Apache web server is vulnerable to a denial of service attack when numerous

|       overlapping byte ranges are requested.

|     Disclosure date: 2011-08-19

|     References:

|       http://osvdb.org/74721

|       http://seclists.org/fulldisclosure/2011/Aug/175

|       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192

|       http://nessus.org/plugins/index.php?view=single&id=55976

|_      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192

| ssl-dh-params: 

|   VULNERABLE:

|   Diffie-Hellman Key Exchange Insufficient Group Strength

|     State: VULNERABLE

|       Transport Layer Security (TLS) services that use Diffie-Hellman groups of

|       insufficient strength, especially those using one of a few commonly shared

|       groups, may be susceptible to passive eavesdropping attacks.

|     Check results:

|       WEAK DH GROUP 1

|             Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA

|             Modulus Type: Safe prime

|             Modulus Source: nginx/1024-bit MODP group with safe prime modulus

|             Modulus Length: 1024

|             Generator Length: 8

|             Public Key Length: 1024

|     References:

|_      https://weakdh.org

嗯，我看了 weakdh.org的reference，但是其中没有涉及怎么攻击的？请问怎么获取相关密码？求具体步骤
PS: 已经知道了用户名:att acker

[培训]内核驱动高级班，冲击BAT一流互联网大厂工作，每周日13:00-18:00直播授课