Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

http-litespeed-sourcecode-download

From: Paulino Calderon <paulino () calderonpale com>
Date: Fri, 15 Jul 2011 18:25:32 -0700
Hi nmap-dev,

description = [[
http-litespeed-sourcecode-download.nse exploits a null-byte poisoning vulnerability in Litespeed Web Servers 4.0.x before 4.0.15 to retrieve the target script's source code by sending a HTTP request with a null byte followed by a .txt file extension (CVE-2010-2333). 

HTTP GET example:
* <code>/index.php\00.txt</code>

References:
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2333
* http://www.exploit-db.com/exploits/13850/
]]

---
-- @usage
-- nmap -p80 --script http-litespeed-sourcecode-download --script-args http-litespeed-sourcecode-download.file=/index.php <host> 
--
-- @args http-litespeed-sourcecode-download.uri URI path to remote file
---


--
Paulino Calderón Pale
Web: http://calderonpale.com
Twitter: http://www.twitter.com/paulinocaIderon

Attachment: http-litespeed-sourcecode-download.nse
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: