This exploit leverages a forgotten control vulnerability in Bonefire v0.7.1 to reinstall the default admin account by accessing the install module. It sends a request to the install endpoint and checks for the presence of the default admin credentials in the response.
Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:Bonefire v0.7.1
No auth needed
Prerequisites:Network access to the target application · Install module must be accessible