Vulners
Lucene search
Hades RAT Web Panel Insecure Credential Storage Vulnerability
Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24.txt
Contact: [email protected]
Media: twitter.com/malvuln
Threat: Hades RAT - Web Panel
Vulnerability: Insecure Credential Storage
Family: Hades
Type: WebUI
MD5: c4cc1317aea42f7dd4a1b786c5278a24
MD5: a117b7fa4691b766dd5aa6455438fded (strings.ini)
Vuln ID: MVID-2022-0512
Disclosure: 03/13/2022
Description: The Hades Rat malware web-panel listens on Port 80 and stores its weak password "megapass" in plaintext in the strings.ini file.
Exploit/PoC:
"strings.ini"
[identifiant]
mdp = "megapass"
[strings]
error_mdp = "Error Password False..."
form_mdp = "Please put your password."
form_valid = "Send !"
com_header = "Write your commands for your bot(s)"
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
15 Mar 2022 00:00Current
7.4High risk
Vulners AI Score7.4