S4E

Apache Axis2 Directory Traversal Vulnerability Scanner

You can scan Apache Axis2 Directory Traversal Vulnerability by using this tool.

Short Info


Level

High

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

15 seconds

Time Interval

6 days

Scan only one

Domain, IPv4

Toolbox

-

Exploits a directory traversal vulnerability in Apache Axis2 version 1.4.1 by sending a specially crafted request to the parameter xsd (BID 40343). By default it will try to retrieve the configuration file of the Axis2 service '/conf/axis2.xml' using the path '/axis2/services/' to return the username and password of the admin account.

To exploit this vulnerability we need to detect a valid service running on the installation so we extract it from /listServices before exploiting the directory traversal vulnerability. By default it will retrieve the configuration file, if you wish to retrieve other files you need to set the argument http-axis2-dir-traversal.file correctly to traverse to the file's directory. Ex. ../../../../../../../../../etc/issue

Reference:

Get started to protecting your Free Full Security Scan