daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

minor cleanups and matcher update

patch-1
sandeep 2022-01-19 23:20:03 +05:30
parent 5d171e544f
commit 1d7257d4d9
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
default-logins/gophish/gophish-default-credentials.yaml
View File

@ -2,7 +2,7 @@ id: gophish-default-credentials
info: info:
name: Gophish < v0.10.1 default credentials name: Gophish < v0.10.1 default credentials
author: arcc author: arcc,dhiyaneshDK
severity: high severity: high
tags: gophish,default-login tags: gophish,default-login
@ -11,21 +11,21 @@ requests:
- | - |
GET /login HTTP/1.1 GET /login HTTP/1.1
Host: {{Hostname}} Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
Connection: close
- | - |
POST /login HTTP/1.1 POST /login HTTP/1.1
Host: {{Hostname}} Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
username=admin&password=gophish&csrf_token={{replace(url_encode(html_unescape(csrf_token)), "+", "%2B")}} username={{user}}&password={{pass}}&csrf_token={{replace(url_encode(html_unescape(csrf_token)), "+", "%2B")}}
attack: pitchfork
payloads:
user:
- admin
pass:
- gophish
cookie-reuse: true cookie-reuse: true
extractors: extractors:
- type: regex - type: regex
@ -35,12 +35,12 @@ requests:
group: 1 group: 1
regex: regex:
- 'name="csrf_token" value="(.+?)"' - 'name="csrf_token" value="(.+?)"'
matchers-condition: and
matchers: matchers:
- type: status - type: dsl
status: dsl:
- 302 - "!contains(tolower(all_headers), 'location: /login')"
- type: word - "contains(tolower(all_headers), 'location: /')"
words: - "contains(tolower(all_headers), 'gophish')"
- "Location: /" - "status_code==302"
part: header condition: and