RG-UAC Ruijie - Password Hashes Leak

What is the "RG-UAC Ruijie - Password Hashes Leak?" module?

The "RG-UAC Ruijie - Password Hashes Leak" module is designed to detect an information leakage vulnerability in multiple Firewall Devices from the vendor Ruijie Networks. This vulnerability exposes credentials, including usernames, roles, MD5 hashes, and additional user details, in the source code of the web admin login interface. The severity of this vulnerability is classified as high.

Impact

If exploited, this vulnerability can allow attackers to gain unauthorized access to the affected Firewall Devices. By obtaining the leaked credentials, attackers can potentially compromise the security of the network and perform malicious activities.

How does the module work?

The module works by performing specific HTTP requests and matching conditions to identify the presence of the vulnerability. It checks if the response body contains certain strings related to user roles, such as "super_admin," "guest_admin," or "reporter_admin." Additionally, it verifies that the HTTP response status code is 200.

Here is a simplified example of an HTTP request sent by the module:

GET /admin/login HTTP/1.1
Host: example.com

The module uses a combination of matching conditions, including the presence of specific strings in the response body and the expected HTTP response status code. These conditions must be met for the module to identify the vulnerability.

Note: The original authors of this module are ritikchaddha and galoget.