Bugtraq mailing list archives

NetBus Pro Web Server Directory Listing And Remote File Upload


From: "Rafel Ivgi, The-Insider" <theinsider () 012 net il>
Date: Thu, 22 Jan 2004 20:14:50 +0200

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Software:       NetBus Web Server
Vendor:         http://ultraaccess.net/
Versions:       Pro
Platforms:      Unix
Bug:            Directory Listing And Remote File Upload
Risk:           High
Exploitation:   Remote with browser
Date:           22 Jan 2004
Author:         Rafel Ivgi, The-Insider
e-mail:         the_insider () mail com
web:            http://theinsider.deep-ice.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1) Introduction
2) Bug
3) The Code

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

===============
1) Introduction
===============

NetBus Pro is a "Trojan Horse". It is a virus that opens a port and listens
until an attacker connects to the port and does whatever he wishes on
the machine. If a password is set and the default port number is changed,
it can be used as remote control software.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

======
2) Bug
======

Although NetBus Pro is a virus, it has a built-in web server.
If an attacker connects to the server, he gets a default page with
no special links or options.
However, requesting:

http://<host>//
or
http://<host>/./

will show the root path directory listing and a file upload function.
This allows anyone to download local files, upload anything and possibly
take over the machine.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

===========
3) The Code
===========

http://<host>//
http://<host>/./

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- 
Rafel Ivgi, The-Insider
http://theinsider.deep-ice.com

"Things that are unlikeable, are NOT impossible."


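Added example, not part of the original advisory: a defender-side check that scans web access logs for request paths of the kind shown in section 2, where an empty segment (`//`) or a dot segment (`/./`) makes the raw path differ from its normalized form. It generalizes to any such segment anywhere in the path; the log lines are constructed sample data in Common Log Format, and the function names are illustrative.

```python
import re

# Request field of a Common Log Format line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def normalize_path(path):
    """Drop empty and '.' segments and resolve '..' without leaving the root."""
    out = []
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if out:
                out.pop()
            continue
        out.append(seg)
    normalized = "/" + "/".join(out)
    # Keep the trailing slash of a directory request such as /docs/
    if out and path.endswith("/"):
        normalized += "/"
    return normalized

def suspicious_requests(log_lines):
    """Return (line_no, method, raw_path, normalized_path) for flagged lines."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        # Split the query off by hand: URL parsers read a leading '//'
        # as a network location and would hide the path we want to see.
        raw = m.group("target").split("?", 1)[0]
        norm = normalize_path(raw)
        if raw != norm:
            hits.append((n, m.group("method"), raw, norm))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic)
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Jan/2004:20:01:11 +0200] "GET / HTTP/1.0" 200 512',
    '192.0.2.10 - - [22/Jan/2004:20:01:15 +0200] "GET // HTTP/1.0" 200 4096',
    '192.0.2.10 - - [22/Jan/2004:20:01:19 +0200] "GET /./ HTTP/1.0" 200 4096',
    '198.51.100.7 - - [22/Jan/2004:20:02:03 +0200] "GET /docs/?x=1 HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for n, method, raw, norm in suspicious_requests(SAMPLE_LOG):
        print(f"line {n}: {method} {raw!r} normalizes to {norm!r}")
```

The same `normalize_path` step can be applied before routing in a server, so that these request forms resolve to the same handler as `/`.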