- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9676
- Проверка EDB
-
- Пройдено
- Автор
- USMAN SAEED
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2009-09-15
Код:
###########################################################################################
#
# Name : BSR Webweaver Version 1.33 /Scripts access restriction bypass vulnerbility
# Author : Usman Saeed
# Company : Xc0re Security Reasearch Group
# Date : 15/09/09
# Homepage : http://www.xc0re.net
#
###########################################################################################
[*] Download Page : http://www.brswebweaver.com/downloads.html
[*] Attack type : Remote
[*] Patch Status : Unpatched
[*] Description : In ISAPI/CGI path is [%installdirectory%/scripts] and
through HTTP the alias is [http://[host]/scripts] ,
The access security check is that if the attacker tries to access /scripts
a 404 Error response occurs ! Now to bypass and
check the directory listing [That is if Directory Browsing is allowed in
the server Configuration !] just copy and paste the
exploit url !.
This is the reason this exploit is not called a Directory Listing Exploit !
[*] Exploitation :
[+] http://127.0.0.1/scripts/%bg%ae%bg%ae/.exe
# milw0rm.com [2009-09-15]- Источник
- www.exploit-db.com
