# Detection template: reports a SolarWinds Orion instance whose Information
# Service (SWIS) REST endpoint accepts the built-in "admin" account with an
# empty password. The check sends one read-only SWQL SELECT and changes
# nothing on the target.
#
# Remediation when this matches: set a non-empty, unique password on the
# admin account and limit which networks can reach the SWIS API.
id: solarwinds-default-admin

info:
  name: SolarWinds Orion Default Credentials
  author: dwisiswant0
  severity: high
  tags: solarwinds,default-login

# Optional (left commented out, so the template stays read-only; this request
# would create an Orion.Pollers record on the target):
# POST /SolarWinds/InformationService/v3/Json/Create/Orion.Pollers HTTP/1.1
# {"PollerType":"Hello, world! from nuclei :-P", "NetObject":"N:1337", "NetObjectType":"N", "NetObjectID":1337}

# References:
# - https://github.com/solarwinds/OrionSDK/wiki/REST

requests:
  - method: GET
    # Same query against two candidate base paths: it selects the Uri column
    # of rows 1-3 from Orion.Pollers and asks for the total row count.
    path:
      # First path is default base path
      - "{{BaseURL}}/SolarWinds/InformationService/v3/Json/Query?query=SELECT+Uri+FROM+Orion.Pollers+ORDER+BY+PollerID+WITH+ROWS+1+TO+3+WITH+TOTALROWS"
      # Same endpoint without the /SolarWinds prefix
      - "{{BaseURL}}/InformationService/v3/Json/Query?query=SELECT+Uri+FROM+Orion.Pollers+ORDER+BY+PollerID+WITH+ROWS+1+TO+3+WITH+TOTALROWS"

    headers:
      # Base64 of "admin:", i.e. user "admin" with an empty password.
      Authorization: "Basic YWRtaW46"

    # All three matchers below must succeed for a finding to be reported.
    matchers-condition: and
    matchers:
      # The response headers must declare a JSON body.
      - type: word
        part: header
        words:
          - "Content-Type: application/json"

      # Both patterns must appear in the body (condition: and).
      # NOTE(review): each pattern is loose on its own; specificity comes
      # from requiring both together with the header and status checks.
      - type: regex
        part: body
        condition: and
        regex:
          - "(totalRow|result|swi)s(:\\/\\/)?"
          - "(Orion\\.|Poller(ID)?)s?"

      # The request has to be answered with 200, meaning it was not rejected.
      - type: status
        status:
          - 200