Ashish Kunwar

Results 11 comments of Ashish Kunwar

I have some articles on it which have some info:
https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/
JEXL:
https://blog.csdn.net/aqzwss/article/details/70225883
https://twitter.com/pyn3rd/status/1097519440089047041
HubL injection:
https://www.betterhacker.com/2018/12/rce-in-hubspot-with-el-injection-in-hubl.html

Have you made sure of the hex values while changing the IP? Also, please contact the owner; I only shared it.

Yes, but I guess it's not accepted.

The name parameter is vulnerable to command injection, so sending this POST request along with valid session cookies will trigger the vuln and drop a file named CVE-2021-22123 in the tmp folder.

I am looking into it; this definitely needs some more digging.

Using https://github.com/projectdiscovery/nuclei-templates/blob/193b968f4776a48663760e051695c4c1662c4b68/exposed-panels/fortiweb-panel.yaml you can find FortiWeb panels. Supposed login request:

POST /logincheck HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Connection:...

https://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html

Use python2, or fix this issue if you are using python3 by adding brackets on the print statement ("\nUsage.........\n")