Tongda User Session Disclosure

What is the "Tongda User Session Disclosure?"

The "Tongda User Session Disclosure" module is designed to detect a specific vulnerability in the Tongda software. This vulnerability allows an attacker to disclose user session information, potentially leading to unauthorized access to sensitive data. The severity of this vulnerability is classified as medium.

This module was authored by ritikchaddha.

Impact

If exploited, the Tongda User Session Disclosure vulnerability can result in the exposure of user session information. This can lead to unauthorized access to user accounts and potentially compromise sensitive data.

How the module works?

The Tongda User Session Disclosure module works by sending an HTTP POST request to the "/general/userinfo.php?UID=1" endpoint. It then applies a set of matching conditions to determine if the vulnerability is present.

The matching conditions for this module are as follows:

- The response body must contain the words "\"dept_name\":\"" and "\"online_flag\":" - The request header must contain the word "application/json" - The HTTP response status code must be 200

If all of these conditions are met, the module will report the vulnerability.

Here is an example of the HTTP request sent by the module:

POST /general/userinfo.php?UID=1 HTTP/1.1
Host: [target_host]
Content-Type: application/json

[request_body]

Note: [target_host] and [request_body] are placeholders and should be replaced with the actual target host and request body.

For more information, you can refer to the reference provided.

Metadata: max-request: 1