Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ThinVNC Directory Traversal module #12464

Merged
merged 2 commits into from Oct 23, 2019
Merged

Conversation

@bcoles
Copy link
Contributor

@bcoles bcoles commented Oct 17, 2019

Add ThinVNC Directory Traversal module.

    This module exploits a directory traversal vulnerability in ThinVNC
    versions 1.0b1 and prior which allows unauthenticated users to retrieve
    arbitrary files, including the ThinVNC configuration file.

    This module has been tested successfully on ThinVNC versions 1.0b1
    and "ThinVNC_Latest" (2018-12-07).
@wchen-r7 wchen-r7 self-assigned this Oct 23, 2019
@wchen-r7
Copy link
Contributor

@wchen-r7 wchen-r7 commented Oct 23, 2019

Very straight forward and the module works for me. Very nice!

msf5 auxiliary(scanner/http/thinvnc_traversal) > run

[+] File ThinVnc.ini saved in: /Users/wchen/.msf4/loot/20191023123634_default_172.16.135.133_thinvnc.traversa_795248.txt
[+] Found credentials: admin:admin
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

@wchen-r7 wchen-r7 merged commit de3cde6 into rapid7:master Oct 23, 2019
3 checks passed
@wchen-r7
Copy link
Contributor

@wchen-r7 wchen-r7 commented Oct 23, 2019

Release Notes

This module exploits a directory traversal vulnerability in ThinVNC versions 1.0b1 and prior which allows unauthenticated users to retrieve arbitrary files, including the ThinVNC configuration file.

@bcoles bcoles deleted the thinvnc_traversal branch Oct 23, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants