Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ThinVNC Directory Traversal module #12464

Merged
merged 2 commits into from Oct 23, 2019

Conversation

@bcoles
Copy link
Contributor

bcoles commented Oct 17, 2019

Add ThinVNC Directory Traversal module.

    This module exploits a directory traversal vulnerability in ThinVNC
    versions 1.0b1 and prior which allows unauthenticated users to retrieve
    arbitrary files, including the ThinVNC configuration file.

    This module has been tested successfully on ThinVNC versions 1.0b1
    and "ThinVNC_Latest" (2018-12-07).
bcoles added 2 commits Oct 17, 2019
@wchen-r7 wchen-r7 self-assigned this Oct 23, 2019
@wchen-r7

This comment has been minimized.

Copy link
Contributor

wchen-r7 commented Oct 23, 2019

Very straight forward and the module works for me. Very nice!

msf5 auxiliary(scanner/http/thinvnc_traversal) > run

[+] File ThinVnc.ini saved in: /Users/wchen/.msf4/loot/20191023123634_default_172.16.135.133_thinvnc.traversa_795248.txt
[+] Found credentials: admin:admin
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
wchen-r7 added a commit that referenced this pull request Oct 23, 2019
@wchen-r7 wchen-r7 merged commit de3cde6 into rapid7:master Oct 23, 2019
3 checks passed
3 checks passed
Metasploit Automation - Sanity Test Execution Successfully completed all tests.
Details
Metasploit Automation - Test Execution Successfully completed all tests.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@wchen-r7

This comment has been minimized.

Copy link
Contributor

wchen-r7 commented Oct 23, 2019

Release Notes

This module exploits a directory traversal vulnerability in ThinVNC versions 1.0b1 and prior which allows unauthenticated users to retrieve arbitrary files, including the ThinVNC configuration file.

msjenkins-r7 added a commit that referenced this pull request Oct 23, 2019
@bcoles bcoles deleted the bcoles:thinvnc_traversal branch Oct 23, 2019
@bcoles bcoles added the rn-modules label Oct 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.