By kannthu
The "Qizhi Fortressaircraft Unauthorized Access" module detects unauthorized access vulnerabilities in the Qizhi Fortressaircraft software. It looks for weaknesses that let users reach the software without proper authentication or authorization. The severity of this vulnerability is classified as high, indicating the potential for significant impact if exploited.
If the Qizhi Fortressaircraft software is vulnerable, unauthorized individuals could gain control over the system. This could result in data access, data manipulation, or even complete system compromise. The impact can be severe, potentially leading to data breaches, privacy violations, and disruption of critical operations.
The module works by sending a specific HTTP request to the Qizhi Fortressaircraft software and analyzing the response. The request template used by the module targets the "/audit/gui_detail_view.php" endpoint with specific parameters. For example:
GET /audit/gui_detail_view.php?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)%2bchr(115)%0d%0a%23&login=shterm
The module then applies matching conditions to the response to determine if the vulnerability is present. The matching conditions include checking for specific words in the response body, such as "错误的id" (incorrect ID), "审计管理员" (audit administrator), and "事件审计" (event audit). Additionally, the module verifies that the response status code is 200, indicating a successful request.
If the module detects the presence of the vulnerability based on the matching conditions, it will report the vulnerability as a potential unauthorized access issue in the Qizhi Fortressaircraft software.
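An added example, not part of the Vidoc module or the original page: a defender-side check that scans web access logs for requests to the endpoint described above whose id or uid parameters carry unexpected characters. The combined log format, the plain-identifier rule for legitimate values, and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

ENDPOINT = "/audit/gui_detail_view.php"  # path named in the module description
# Assumption: legitimate id/uid values are short plain identifiers.
PLAIN_VALUE = re.compile(r"[A-Za-z0-9_.-]{1,64}")
# Assumption: the fronting web server writes common/combined log format.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample log; addresses are from documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:09:00:01 +0000] "GET /index.php HTTP/1.1" 200 812',
    '192.0.2.10 - - [01/Jan/2024:09:00:05 +0000] "GET /audit/gui_detail_view.php'
    '?token=1&id=42&uid=auditor1&login=shterm HTTP/1.1" 200 2048',
    '198.51.100.7 - - [01/Jan/2024:09:03:44 +0000] "GET /audit/gui_detail_view.php'
    '?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)'
    '%2bchr(115)%0d%0a%23&login=shterm HTTP/1.1" 200 4096',
]


def classify(line):
    """Return a finding dict for a suspicious probe of ENDPOINT, else None."""
    m = LOG_LINE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    if url.path != ENDPOINT:
        return None
    params = parse_qs(url.query, keep_blank_values=True)  # percent-decodes values
    reasons = [
        f"{name}={value!r}"
        for name in ("id", "uid")
        for value in params.get(name, [])
        if not PLAIN_VALUE.fullmatch(value)
    ]
    if not reasons:
        return None
    # A 200 here corresponds to the module's status-code condition.
    return {"ip": m["ip"], "served": m["status"] == "200", "reasons": reasons}


def scan(lines):
    """Collect findings for every line that classify() flags."""
    return [hit for hit in map(classify, lines) if hit]


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A finding with `served` set to true means the server answered 200, so the response body for that request is worth checking for the marker words the module looks for.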