httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by appending a . (dot) character to the URI.
httpdx 1.4.4 and earlier is vulnerable to a critical flaw allowing remote attackers to disclose the source code of web pages. This vulnerability, triggered by appending a '.' (dot) to the URL, enables attackers to gain sensitive information, potentially leading to further exploitation and system compromise.
Step 1: Target Identification: Identify a web page hosted by an httpdx server running version 1.4.4 or earlier.
Step 2: Crafting the Payload: Construct a URL by appending a '.' (dot) character to the end of the target web page's URI (e.g., http://target.com/index.html.).
Step 3: Payload Delivery: Send the crafted URL as an HTTP GET request to the vulnerable server.
Step 4: Vulnerability Trigger: The server processes the request and, because it does not validate the URI, retrieves the page's source file instead of rendering the page.
Step 5: Information Disclosure: The server responds with the source code of the requested web page, revealing the underlying code to the attacker.
The vulnerability stems from inadequate input validation within the httpdx web server. Specifically, the server fails to properly sanitize the requested URI before attempting to serve the content. The server likely uses a file system lookup based on the URI. By appending a '.' character, the server's logic is tricked into returning the source code file instead of rendering the intended webpage. This bypasses any intended access controls and exposes the underlying code.
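The missing validation described above can be shown as a handler-selection check. This is an added example, not httpdx code: the function names, handler enum and extension list are hypothetical. It assumes the handler is chosen from the raw extension while the file system resolves the name without the trailing dot, which the page does not confirm.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical handler classes for this example (not httpdx's own). */
enum handler { HANDLER_STATIC, HANDLER_SCRIPT, HANDLER_REJECT };

/* Constructed list of extensions that must be executed, never sent raw. */
static const char *const script_exts[] = { ".php", ".pl", ".cgi" };

/* Case-insensitive match of a path tail against the script extensions. */
static bool is_script_ext(const char *ext)
{
    for (size_t i = 0; i < sizeof script_exts / sizeof script_exts[0]; i++) {
        const char *a = ext, *b = script_exts[i];
        while (*a && *b && tolower((unsigned char)*a) == tolower((unsigned char)*b))
            a++, b++;
        if (*a == '\0' && *b == '\0')
            return true;
    }
    return false;
}

/* Weak form: handler chosen from the raw path, so "/index.php." has the
 * extension "." and is sent as a static file. */
enum handler classify_naive(const char *path)
{
    const char *dot = strrchr(path, '.');
    return (dot && is_script_ext(dot)) ? HANDLER_SCRIPT : HANDLER_STATIC;
}

/* Hardened form: refuse any path segment that ends in '.' or ' ' before
 * choosing a handler. Assumes the path is already percent-decoded. */
enum handler classify_hardened(const char *path)
{
    for (size_t i = 0; path[i] != '\0'; i++) {
        bool seg_end = (path[i + 1] == '/' || path[i + 1] == '\0');
        if (seg_end && (path[i] == '.' || path[i] == ' '))
            return HANDLER_REJECT;
    }
    return classify_naive(path);
}

int main(void)
{
    const char *p = "/index.php.";   /* constructed request path */
    printf("naive=%d hardened=%d\n", classify_naive(p), classify_hardened(p));
    return 0;
}
```

The hardened check runs before any file lookup, so a rejected path never reaches the static-file code at all.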