CVE-2020-29134

This script exploits a path traversal vulnerability in Fluig 1.7.0, allowing unauthorized access to sensitive files such as domain.xml, passwd, and desktop.ini. It uses wfuzz to enumerate paths and curl to retrieve file contents, demonstrating the vulnerability effectively.

This repository contains a functional exploit script for CVE-2020-29134, a path traversal vulnerability in TOTVS Fluig Platform. The script automates the exploitation process by generating base64-encoded payloads to read sensitive files like domain.xml, which may contain database credentials and LDAP configurations.

This repository contains a functional exploit script for CVE-2020-29134, a path traversal vulnerability in TOTVS Fluig Platform. The script automates the exploitation process, allowing attackers to read sensitive files like domain.xml, which contains database credentials and LDAP configurations.

This repository contains a functional exploit script for CVE-2020-29134, a path traversal vulnerability in TOTVS Fluig Platform. The script automates the exploitation process by generating base64-encoded payloads to read sensitive files like domain.xml, /etc/passwd, and other system files.