Hello Friends,
This is my first writeup, on how I was able to find & exploit CVE-2022-21500 & get all the employees' data of a company.
Let's start the hacking!
1- In the Shodan search engine I was searching for the IPs of a company.
hostname:<target.com>
During my search I found an interesting IP which belonged to target.com.
2- Then I passed this IP to Nuclei to discover the vulnerabilities.
nuclei -u https://<ip>
3- Nuclei detected:
[CVE-2022-21500] [http] [high] https://<ip>/OA_HTML/ibeCAcpSSOReg.jsp
I searched the internet for CVE-2022-21500: what is it & how is it exploited?
And here is the exploit process which allowed me to access all the employees' data.
1- Pasted this URL in the browser: https://<ip>/OA_HTML/ibeCAcpSSOReg.jsp
Clicked on Register as individual.
Filled in the required details with my Gmail account & submitted.
2- After the submission, I immediately got the confirmation email with the login credentials.
Logged in with the credentials & accessed the internal portal successfully.
3- Clicked on the Setting icon > Managed Proxies
4- Clicked Run Proxy Report.
5- In the Username box, typed any letter like a, b, c ... z.
6- Changed the existing date and clicked on the search icon in the Username box.
7- Then immediately got all the employees' details. Also, when I changed the letter to b, c, ... z, all the details were exposed.
After seeing this data, I was completely surprised.
Status: Duplicate
I hope you liked it.
Thanks for reading!