Path traversal vulnerabilities exists in many web applications. Nmap NSE gives penetration testers the ability to quickly write scripts to exploit them. Lua also supports string captures, which help a lot when extracting information using patterns with a simpler syntax than regular expressions.
This recipe will teach you how to write an NSE script to exploit a path traversal vulnerability existing in some models of TP-link routers.
We will write an NSE script that exploits a path traversal vulnerability in several TP-link routers. We will take advantage of a few NSE libraries and Lua's string library:
- Create the file
http-tplink-dir-traversal.nse
and fill the required NSE information tags:
description = [[ Exploits a directory traversal vulnerability existing in several TP-link wireless routers. Attackers may exploit this vulnerability to read any of the configuration and password files remotely and without...