CVE-2004-2271 PoC — MiniShare超长URL处理远程任意指令执行漏洞

Source

https://github.com/PercussiveElbow/CVE-2004-2271-MiniShare-1.4.1-Buffer-Overflow

Associated Vulnerability

Title:MiniShare超长URL处理远程任意指令执行漏洞 (CVE-2004-2271)
Description:MiniShare是一款文件共享系统。 MiniShare对超长URL请求处理不正确，远程攻击者可以利用这个漏洞对服务程序进行缓冲区溢出，可能以进程权限执行任意指令。攻击者提交超长的HTTP GET请求，可发生缓冲区溢出，尽心构建提交数据可能以进程权限执行任意指令。

Readme

# [CVE 2004-2271] MiniShare-1.4.1-Buffer-Overflow
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2271

Usage in file, generates a msfvenom payload automatically because I'm lazy.


Ported from:

https://www.exploit-db.com/exploits/636/

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/minishare_get_overflow.rb

# LICENSE:

Don't do anything illegal with this, feel free to edit/reupload/etc it otherwise.

File Snapshot


 [4.0K]  /data/pocs/7a216d3dcb3f057ea48dd24d18aac0b4806d8d5d
├── [2.4K]  minishare_bo.py
└── [ 456]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!