m3ng9i/ran

Directory Traversal Vulnerability

Closed this issue · 1 comments

The server will serve files outside the specified root.

Version: v0.1.5
OS: Windows 10
Binary: Precompiled Windows x64 v0.1.5 downloaded on the release pages

Steps to reproduce on Windows (did not test any other OS):

  1. Download precompiled binary and extract
  2. Create folder C:\htdocs
  3. Start ran with ".\ran_windows_amd64.exe -root=C:\htdocs"
  4. Run "wget http://127.0.0.1:8080/foobar\..\..\Windows\win.ini" (does not work in browsers, they will clean the URL first)

When using -listdir=true it's also possible to browse folders and navigate around.

Thanks, I've updated the code, try v0.1.6.
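
The following Go sketch is an added example, not part of the issue thread and not ran's own code or its v0.1.6 fix. It shows why cleaning only forward slashes leaves the reported request path intact, and one way to reject it; `naiveClean`, `windowsView`, `safeRel` and `ErrBadPath` are hypothetical names, and `windowsView` only simulates Windows path resolution so the example runs on any OS.

```go
package main

import (
	"errors"
	"fmt"
	"path"
	"strings"
)

// ErrBadPath is a hypothetical error for request paths that are refused.
var ErrBadPath = errors.New("request path rejected")

// naiveClean normalizes only forward slashes. path.Clean treats '\' as an
// ordinary character, so "..\" sequences pass through unchanged.
func naiveClean(urlPath string) string {
	return path.Clean("/" + urlPath)
}

// windowsView simulates how Windows resolves root+p, where '\' is also a
// separator (a simulation, so the example does not need Windows to run).
func windowsView(root, p string) string {
	return path.Clean(strings.ReplaceAll(root+p, `\`, "/"))
}

// safeRel returns a slash-separated path relative to the served root, or
// ErrBadPath. Both '/' and '\' count as separators; ".." segments, ':'
// (drive letters, alternate data streams) and NUL are refused outright.
func safeRel(urlPath string) (string, error) {
	if strings.ContainsAny(urlPath, ":\x00") {
		return "", ErrBadPath
	}
	p := strings.ReplaceAll(urlPath, `\`, "/")
	for _, seg := range strings.Split(p, "/") {
		if seg == ".." {
			return "", ErrBadPath
		}
	}
	return strings.TrimPrefix(path.Clean("/"+p), "/"), nil
}

func main() {
	req := `/foobar\..\..\Windows\win.ini` // request path from the report
	fmt.Println("naive :", windowsView(`C:\htdocs`, naiveClean(req)))
	_, err := safeRel(req)
	fmt.Println("safe  :", err)
	rel, _ := safeRel("/docs/./index.html")
	fmt.Println("normal:", rel)
}
```

The relative path returned by `safeRel` is meant to be joined to the root with `filepath.Join(root, filepath.FromSlash(rel))` before the file is opened.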