CVE-2016-4971 PoC — GNU Wget Security Vulnerability

Source
Associated Vulnerability
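Title: GNU Wget Security Vulnerability (CVE-2016-4971)
Description: GNU Wget is a free software package from the US-based GNU community for downloading over the network. It supports downloading via HTTP, HTTPS and FTP, the three most common TCP/IP protocols. GNU Wget contains a security vulnerability. An attacker can exploit it to write arbitrary files by redirecting a request from HTTP to a specially crafted FTP resource.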
Description
CVE-2016-4971 written in nodejs
Readme
# CVE-2016-4971
On a server redirect from HTTP to an FTP resource, wget would trust the HTTP server and use the name in the redirected URL as the destination filename.

See the [post](https://blog.0xbbc.com/2016/06/wget%E6%BC%8F%E6%B4%9Ecve-2016-4971/) on my blog for some detail.
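
The naming decision described above, modelled next to a hardened rule. This is an added example, not code from this repository or from wget. The function names, the `trustServerNames` parameter (an explicit opt-in in the spirit of wget's `--trust-server-names` option) and the `example.test` URLs are assumptions made for illustration.

```javascript
'use strict';
// Added illustration: a model of the filename decision, not wget's source code.

// Last path segment of a URL; "index.html" when the path ends in "/".
function baseName(url) {
  const segments = new URL(url).pathname.split('/').filter(Boolean);
  return segments.length ? segments[segments.length - 1] : 'index.html';
}

// Behaviour the README describes: after an HTTP -> FTP redirect the local
// name is taken from the redirected URL, i.e. chosen by the server.
function affectedLocalName(requestedUrl, redirectChain) {
  const finalUrl = redirectChain.length ? redirectChain[redirectChain.length - 1] : requestedUrl;
  const httpToFtp = /^https?:$/.test(new URL(requestedUrl).protocol) &&
                    new URL(finalUrl).protocol === 'ftp:';
  return baseName(httpToFtp ? finalUrl : requestedUrl);
}

// Hardened rule: every redirect is treated alike and the name comes from the
// URL the user asked for, unless the caller explicitly opts in.
function hardenedLocalName(requestedUrl, redirectChain, trustServerNames = false) {
  const finalUrl = redirectChain.length ? redirectChain[redirectChain.length - 1] : requestedUrl;
  return baseName(trustServerNames ? finalUrl : requestedUrl);
}

// Scheme transitions along the redirect chain, for logging or blocking.
function schemeChanges(requestedUrl, redirectChain) {
  const hops = [requestedUrl, ...redirectChain].map((u) => new URL(u).protocol);
  const changes = [];
  for (let i = 1; i < hops.length; i++) {
    if (hops[i] !== hops[i - 1]) changes.push(`${hops[i - 1]} -> ${hops[i]}`);
  }
  return changes;
}

// Constructed sample input (not captured traffic).
const requested = 'http://downloads.example.test/report.pdf';
const chain = ['ftp://files.example.test/pub/chosen-by-server.txt'];

console.log('affected name :', affectedLocalName(requested, chain));
console.log('hardened name :', hardenedLocalName(requested, chain));
console.log('scheme changes:', schemeChanges(requested, chain));
```

A download wrapper or proxy log review can use the `schemeChanges` output to flag any fetch whose redirect chain leaves HTTP(S).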

### Usage
On your server,
```
node wget.js
```

On your test computer,
```
wget http://url.to.your/server
```

### Screenshots
![screenshot 1](https://raw.githubusercontent.com/BlueCocoa/CVE-2016-4971/master/screenshot-1.jpg)

![screenshot 2](https://raw.githubusercontent.com/BlueCocoa/CVE-2016-4971/master/screenshot-2.jpg)
File Snapshot

[4.0K] /data/pocs/67326f0bf1a8054921cf76ee434d76bd8cfad17b
├── [ 606] README.md
├── [321K] screenshot-1.jpg
├── [688K] screenshot-2.jpg
└── [5.5K] wget.js

0 directories, 4 files