CVE-2019-17662

This repository contains a functional Python exploit for CVE-2019-17662, an arbitrary file read vulnerability in ThinVNC. The exploit leverages path traversal to read sensitive files, including credentials from ThinVnc.ini, and includes improvements over the original PoC to bypass path normalization issues.

This repository contains a functional exploit for CVE-2019-17662, which targets ThinVNC 1.0b1. The exploit performs a directory traversal attack to read arbitrary files, specifically targeting the ThinVnc.ini file to extract credentials stored in cleartext.

This repository contains a functional Python exploit for CVE-2019-17662, which leverages a directory traversal vulnerability in ThinVNC to bypass authentication and fetch the ThinVnc.ini configuration file. The exploit uses prepared requests to bypass URL normalization in Python 3's requests module.

This script exploits CVE-2019-17662, a path traversal vulnerability in ThinVNC, to leak credentials stored in the ThinVnc.ini file. It sends a crafted HTTP request to retrieve sensitive information without authentication.

This Go-based exploit targets CVE-2019-17662, a directory traversal vulnerability in ThinVNC. It retrieves sensitive files (e.g., ThinVnc.ini) by manipulating paths, extracting credentials via regex parsing. The code includes robust error handling and connection testing.

This repository contains a functional exploit for CVE-2019-17662, which leverages a directory traversal vulnerability in ThinVNC 1.0b1 to read arbitrary files, including the configuration file containing plaintext credentials. The exploit constructs a malicious URL with path traversal sequences to fetch the ThinVnc.ini file and extracts credentials from it.

The repository claims to be a Golang implementation of CVE-2019-17662 (TinyVNC Arbitrary File Read leading to Authentication Bypass) but contains only a skeleton with no functional exploit logic. The `exploit` function merely resolves a DNS lookup and prints an IP, with no actual exploitation code.

This exploit bypasses authentication in ThinVNC 1.0b1 by reading arbitrary files via a path traversal vulnerability. It specifically targets the ThinVnc.ini file to extract sensitive configuration data.

This Metasploit module exploits a directory traversal vulnerability in ThinVNC versions 1.0b1 and prior, allowing unauthenticated users to retrieve arbitrary files, including the ThinVNC configuration file. It sends a crafted HTTP request with traversal sequences to read the specified file.