CVE-2021-3019 PoC — Ffay Lanproxy 路径遍历漏洞

Source

https://github.com/B1anda0/CVE-2021-3019

Associated Vulnerability

Title:Ffay Lanproxy 路径遍历漏洞 (CVE-2021-3019)
Description:Ffay Lanproxy是Ffay个人开发者的一个可将局域网内服务代理到公网的内网穿透工具。 ffay lanproxy 0.1 存在路径遍历漏洞，该漏洞允许目录遍历读取/../conf/config.properties来获取到内部网连接的凭据。

Description

lanproxy 目录遍历漏洞批量检测 (CVE-2021-3019)

Readme

## 使用方法&免责声明

 lanproxy 目录遍历漏洞批量检测 (CVE-2021-3019)

使用方法：`Python CVE-2021-3019.py urls.txt`

urls.txt 中每个url为一行，漏洞地址输出在vul.txt中

##### 影响版本：

lanproxy 0.1



工具仅用于安全人员安全测试，任何未授权检测造成的直接或者间接的后果及损失，均由使用者本人负责

File Snapshot


 [4.0K]  /data/pocs/3c01ec2c24fa390bf6e343ed5708ca02258415b2
├── [ 64K]  CVE-2021-3019.png
├── [1.9K]  CVE-2021-3019.py
└── [ 396]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!