Shulou(Shulou.com)05/31 Report--

This article shows you how the reproduction of Lanproxy arbitrary file reading vulnerability CVE-2021-3019 is like, the content is concise and easy to understand, it can definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

Introduction to 0x00

Lanproxy is an intranet penetration tool that proxies LAN PCs and servers to the public network. It supports tcp traffic forwarding and any tcp upper layer protocol (visiting intranet website, local payment interface debugging, ssh access, remote desktop.). At present, similar services are available in the market, such as peanut shell, TeamView, GoToMyCloud, etc., but to use a third-party public network server, you must pay for a third party, and these services have various restrictions. In addition, because packets flow through third parties, it is also a major hidden danger to data security.

Overview of 0x01 vulnerabilities

Lanproxy1.0 reads arbitrary files by.. / bypass. The vulnerability allows directory traversal to read /.. / conf/config.properties to obtain credentials for intranet connections.

0x02 affects version

Lanproxy1.0

0x03 environment building

1. Download the Lanproxy installation package at:

Https://file.nioee.com/d/2e81550ebdbd416c933f/

two。 After decompression, move to / usr/local directory.

Mv proxy-server-0.1/ / usr/local/

3. Enter the proxy-server-0.1 bin directory to add execution permission to startup.sh, and then start the service

Cd proxy-server-0.1/bin

Chmod + x startup.sh

. / startup.sh

4. When you access http://your-ip:8090 in the browser, the following login interface launches successfully

Recurrence of 0x04 vulnerabilities

1. On the login page, grab the package using Burp and send it to Repeater (playback module)

two。 Construct the following link in url to read the configuration file

/.. / conf/config.properties

3. Modify payload to read sensitive files

.. / etc/passwd

0x05 repair recommendation

1. At present, the manufacturer has issued an upgrade patch to fix the vulnerability, and the patch gets the link:

Https://github.com/ffay/lanproxy/commits/master

The above content is the reproduction of the Lanproxy arbitrary file reading vulnerability CVE-2021-3019. Have you learned the knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.