CVE-2020-24227 PoC — Playground Sessions Information Disclosure Vulnerability

Source
Associated Vulnerability
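Title: Playground Sessions Information Disclosure Vulnerability (CVE-2020-24227)
Description: GraphQL Playground is a graphical, interactive, in-browser GraphQL IDE (integrated development environment) based on GraphiQL, from Germany's Prisma Labs. Playground Sessions v2.5.582 and earlier contain a security vulnerability that stems from storing user credentials in plaintext, allowing anyone who can access UserProfiles.sol to extract the email and password.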
Description
Playground Sessions - Storing User Credentials in Plaintext
Readme
# CVE-2020-24227
Playground Sessions - Storing User Credentials in Plaintext

Playground Sessions v2.5.582 (and earlier) for Windows stores the user credentials in plain text, allowing anyone with access to `C:\Users\<USER>\AppData\Roaming\Playground\Local Store\#SharedObjects\Playground.swf\UserProfiles.sol` to extract the email and password.

Login Page:

![alt text](https://github.com/nathunandwani/CVE-2020-24227/blob/main/login-page.jpg?raw=true)

Password:

![alt text](https://github.com/nathunandwani/CVE-2020-24227/blob/main/password.jpg?raw=true)

Disclosure Timeline:

* August 18, 2020 - Reported to info@playgroundsessions.com - Gave 90 day disclosure timeline - No response
* November 21, 2020 - Public Disclosure
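
An added audit example (not part of the original README or the vendor's code): it walks a users directory, finds the `UserProfiles.sol` path named above under each profile, and reports whether the file is present and contains an e-mail-like string, without returning the stored values. The function names, the constructed sample file contents, and the assumption that the address appears as readable ASCII bytes are illustrative.

```python
import re
import tempfile
from pathlib import Path

# Path from the advisory, relative to each user's profile directory.
REL_PATH = Path("AppData/Roaming/Playground/Local Store/#SharedObjects/Playground.swf/UserProfiles.sol")
# Assumption: the stored e-mail address appears as readable ASCII bytes in the file.
EMAIL_RE = re.compile(rb"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def audit_profiles(users_root):
    """Return one finding per profile that holds a UserProfiles.sol file.

    Only metadata is reported; matched values are never returned or printed.
    """
    findings = []
    for profile in sorted(Path(users_root).iterdir()):
        if not profile.is_dir():
            continue
        target = profile / REL_PATH
        try:
            data = target.read_bytes()
        except (FileNotFoundError, NotADirectoryError):
            continue  # application not used by this account
        except PermissionError:
            findings.append({"user": profile.name, "path": str(target),
                             "readable": False, "has_email_like_string": None})
            continue
        findings.append({"user": profile.name, "path": str(target),
                         "readable": True,
                         "has_email_like_string": bool(EMAIL_RE.search(data))})
    return findings


def build_sample_tree(root):
    """Constructed sample data: two profiles, one with a fake shared-object file."""
    sol = Path(root) / "alice" / REL_PATH
    sol.parent.mkdir(parents=True)
    sol.write_bytes(b"\x00\xbfTCSO\x00\x05email\x02user@example.com\x00pw\x02not-a-real-password")
    (Path(root) / "bob").mkdir()
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:  # on a real host, pass the Users directory
        for finding in audit_profiles(build_sample_tree(tmp)):
            print(finding)
```

A finding with `readable: True` from an account other than the file's owner means the credentials are exposed to that account; rotating the affected password and removing the file are the follow-ups.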
File Snapshot

[4.0K] /data/pocs/88ff0ff36fbb53fa53ecff6c6cd29ed924d62442
├── [ 23K] login-page.jpg
├── [298K] password.jpg
└── [ 751] README.md

0 directories, 3 files