daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9480 from denandz/main 

Fix Wazuh default credentials template
patch-1
Dhiyaneshwaran 2024-04-08 12:59:47 +05:30 committed by GitHub
parent e6a7bcfcbd 967fcdd3a1
commit 1ae53f6235
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 19 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
http/default-logins/wazuh-default-login.yaml
View File

@ -2,33 +2,45 @@ id: wazuh-default-login
info: info:
name: Wazuh - Default Login name: Wazuh - Default Login
author: theamanrawat author: theamanrawat,denandz,PulseSecurity.co.nz
severity: high severity: high
description: | description: |
Wazuh contains default credentials. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. Wazuh contains default credentials. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
reference: reference:
- https://documentation.wazuh.com/current/user-manual/user-administration/password-management.html - https://documentation.wazuh.com/current/user-manual/user-administration/password-management.html
- https://wazuh.com - https://wazuh.com
- https://documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html#single-node-deployment
metadata: metadata:
verified: true verified: true
max-request: 4 max-request: 6
shodan-query: title:"Wazuh" shodan-query: title:"Wazuh"
tags: wazuh,default-login tags: wazuh,default-login
http: http:
- method: GET
path:
- "{{BaseURL}}/app/login"
extractors:
- type: regex
part: body
name: osd
group: 1
internal: true
regex:
- '"version":"([0-9.]+)"'
- raw: - raw:
- |
GET /app/login?nextUrl=%2Fapp%2Fwazuh HTTP/1.1
Host: {{Hostname}}
- | - |
POST /auth/login HTTP/1.1 POST /auth/login HTTP/1.1
Host: {{Hostname}} Host: {{Hostname}}
Osd-Version: {{osd}} Osd-Version: {{osd}}
osd-xsrf: osd-fetch
Content-Type: application/json Content-Type: application/json
{"username":"{{username}}","password":"{{password}}"} {"username":"{{username}}","password":"{{password}}"}
attack: pitchfork attack: clusterbomb
payloads: payloads:
username: username:
- "admin" - "admin"
@ -36,6 +48,7 @@ http:
password: password:
- "admin" - "admin"
- "wazuh" - "wazuh"
- "SecretPassword"
stop-at-first-match: true stop-at-first-match: true
matchers-condition: and matchers-condition: and
@ -56,13 +69,3 @@ http:
- type: status - type: status
status: status:
- 200 - 200
extractors:
- type: regex
name: osd
group: 1
regex:
- '"version":"([0-9.]+)"'
internal: true
# digest: 4b0a00483046022100de2c876067d0aa43fb62771bff3c3adea76873a9f0982f98856a1ed321b58d48022100a60ef9271fd209ecadc68b365c82e4176cd78fe24526dcbe7a8cd8772b0337cf:922c64590222798bb761d5b6d8e72950