From 29d07d7748e0bc11d4042cf96416885572eb6e45 Mon Sep 17 00:00:00 2001
From: d33tah <d33tah@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Sun, 15 Sep 2013 15:45:01 +0000
Subject: [PATCH] Disallow any backslashes.

---
 ncat/scripts/httpd.lua | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/ncat/scripts/httpd.lua b/ncat/scripts/httpd.lua
index 25014c769..af421c125 100644
--- a/ncat/scripts/httpd.lua
+++ b/ncat/scripts/httpd.lua
@@ -197,7 +197,7 @@ function is_path_valid(resource)
         return false
     end
 
-    if first_char == "\\" then
+    if resource:find("\\") then
         return false
     end
 
@@ -206,11 +206,6 @@ function is_path_valid(resource)
         return false
     end
 
-    -- \.. and/or ..\?
-    if resource:find("\\%.%.\\?") or resource:find("\\?%.%.\\") then
-        return false
-    end
-
     return true
 end