module
Syncovery For Linux Web-GUI Session Token Brute-Forcer
| Disclosed | Created |
|---|---|
| Sep 6, 2022 | Dec 14, 2022 |
Disclosed
Sep 6, 2022
Created
Dec 14, 2022
Description
This module attempts to brute-force a valid session token for the Syncovery File Sync & Backup Software Web-GUI
by generating all possible tokens, for every second between 'DateTime.now' and the given X day(s).
By default today and yesterday (DAYS = 1) will be checked. If a valid session token is found, the module stops.
The vulnerability exists, because in Syncovery session tokens are basically just base64(m/d/Y H:M:S) at the time
of the login instead of a random token.
If a user does not log out (Syncovery v8.x has no logout) session tokens will remain valid until reboot.
by generating all possible tokens, for every second between 'DateTime.now' and the given X day(s).
By default today and yesterday (DAYS = 1) will be checked. If a valid session token is found, the module stops.
The vulnerability exists, because in Syncovery session tokens are basically just base64(m/d/Y H:M:S) at the time
of the login instead of a random token.
If a user does not log out (Syncovery v8.x has no logout) session tokens will remain valid until reboot.
Author
Jan Rude
Platform
Linux
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.