Nmap Development mailing list archives
http-majordomo2-dir-traversal.nse
From: Paulino Calderon <paulino () calderonpale com>
Date: Thu, 09 Jun 2011 18:33:47 -0700
Hello nmap-dev,Here is my NSE script for exploiting the directory traversal vulnerability recently found in Majordomo2 (CVE-2011-0049) .
description = [[Exploits a directory traversal vulnerability existing in Majordomo2 to retrieve remote files. (CVE-2011-0049).
Vulnerability originally discovered by Michael Brooks. For more information about this vulnerability: * http://www.mj2.org/ * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0049 * http://www.exploit-db.com/exploits/16103/ ]] --- -- @usage -- nmap -p80 --script http-majordomo2-dir-traversal <host/ip> -- -- @output -- PORT STATE SERVICE -- 80/tcp open http syn-ack -- | http-majordomo2-dir-traversal: /etc/passwd was found: -- | -- | root:x:0:0:root:/root:/bin/bash -- | bin:x:1:1:bin:/bin:/sbin/nologin -- | ---- @args http-majordomo2-dir-traversal.rfile Remote file to download. Default: /etc/passwd -- @args http-majordomo2-dir-traversal.uri URI Path to mj_wwwusr. Default: /cgi-bin/mj_wwwusr -- @args http-majordomo2-dir-traversal.outfile If set it saves the downloaded file to this location.
-- -- Other arguments you might want to use with this script: -- * http.useragent - Sets user agent -- Cheers. -- Paulino Calderón Pale Web: http://calderonpale.com Twitter: http://www.twitter.com/paulinocaIderon
Attachment:
http-majordomo2-dir-traversal.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- http-majordomo2-dir-traversal.nse Paulino Calderon (Jun 09)
- Re: http-majordomo2-dir-traversal.nse Fyodor (Jun 27)
- Re: http-majordomo2-dir-traversal.nse Paulino Calderon (Jun 27)
- Re: http-majordomo2-dir-traversal.nse Fyodor (Jun 27)