关联漏洞
标题:
Webmin/Usermin未明信息泄露漏洞
(CVE-2006-3392)
描述:Webmin 1.290之前版本和Usermin 1.220之前版本在解码HTML之前调用simplify_path 函数,可以使远程攻击者读取任意文件,比如使用"..%01"序列,该序列可在从文件名中删除诸如"%01"等字节之前绕过"../" 序列的删除。注: 此漏洞不同于CVE-2006-3274。
描述
This small script helps to avoid using MetaSploit (msfconsole) during the Enterprise pentests and OSCP-like exams. Grep included function will help you to get only the important information.
介绍
# CVE-2006-3392
About the vulnerability
-----------------------
A vulnerability has been reported in Webmin and Usermin, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error within the handling of an URL. This can be exploited to read the contents of any files on the server via a specially crafted URL, without requiring a valid login. The vulnerability has been reported in Webmin (versions prior to 1.290) and Usermin (versions prior to 1.220).
This small script helps to avoid using MetaSploit (msfconsole) during the Enterprise pentests and OSCP-like exams.
Grep included function will help you to get only the important information.
Usage example:
--------------
```
nano CVE-2006-3392.sh
change an IP-address (ctrl+O, ctrl+X)
chmod +x CVE-2006-3392.sh
./CVE-2006-3392.sh /etc/passwd
```
or
```
./CVE-2006-3392.sh /etc/passwd bash
```
An original article:
--------------------
[https://www.ivanglinkin.com/CVE-2006-3392/](https://www.ivanglinkin.com/CVE-2006-3392/)
Video example:
--------------
Screenshots:
------------
文件快照
[4.0K] /data/pocs/3824fe6a9772392694c00c163a43cead5858d425
├── [2.5K] CVE-2006-3392.sh
└── [1.3K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。