Preface
Lanproxy is an intranet penetration tool that exposes personal computers and servers on a LAN to the public network. It forwards TCP traffic and therefore supports any protocol that runs over TCP (access to intranet websites, local payment interface debugging, SSH access, remote desktop, ...). Similar services currently on the market include Peanut Shell, TeamViewer and GoToMyCloud, but they rely on a third-party public network server that you must pay for, and they come with various restrictions. In addition, because the data packets flow through a third party, they are also a major hidden danger to data security.
A directory traversal vulnerability in lanproxy, CVE-2020-3019, and an exploit PoC have been disclosed on the Internet. By constructing a malicious request, an attacker can directly obtain the lanproxy configuration file, then log in to the lanproxy management backend and enter the intranet.
Vulnerability reproduction
FOFA fingerprint: header="Server: LPS-0.1"
PoC
Vulnerability analysis
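An added example, not taken from lanproxy's source or from the original write-up: the directory traversal pattern described in the preface, shown as a naive path join beside a hardened resolver. The class, method and directory names are hypothetical, and the request path is assumed to be already percent-decoded.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

// Added illustration, not lanproxy code. All names and paths here are hypothetical.
public class StaticFileResolver {

    // Vulnerable pattern: the request path is appended to the web root as-is,
    // so ".." segments walk out of it (for example into a sibling conf/ directory).
    static Path resolveNaive(Path webRoot, String uriPath) {
        return Paths.get(webRoot.toString() + uriPath);
    }

    // Hardened pattern: resolve, normalize, then require the result to stay under the root.
    static Path resolveSafe(Path webRoot, String uriPath) throws IOException {
        Path root = webRoot.toAbsolutePath().normalize();
        // Strip leading slashes so resolve() treats the input as relative to the root.
        String relative = uriPath.replaceFirst("^/+", "");
        Path candidate = root.resolve(relative).normalize();
        if (!candidate.startsWith(root)) {
            throw new SecurityException("path escapes web root: " + uriPath);
        }
        // If the file exists, also compare real paths so a symlink cannot point outside.
        if (Files.exists(candidate)
                && !candidate.toRealPath().startsWith(root.toRealPath())) {
            throw new SecurityException("symlink escapes web root: " + uriPath);
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        Path webRoot = Paths.get("/opt/app/webpages");                   // constructed layout
        String[] requests = {"/index.html", "/../conf/app.properties"};  // constructed requests
        for (String uri : requests) {
            System.out.println("naive: " + uri + " -> " + resolveNaive(webRoot, uri).normalize());
            try {
                System.out.println("safe:  " + uri + " -> " + resolveSafe(webRoot, uri));
            } catch (SecurityException e) {
                System.out.println("safe:  rejected (" + e.getMessage() + ")");
            }
        }
    }
}
```

With the naive join, the second request normalizes to a path outside the web root; the hardened resolver rejects it before any file is opened.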
Reference link
https://github.com/ffay/lanproxy