daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

more fixes

patch-1
sandeep 2021-10-10 06:59:57 +05:30
parent 6ad463dfb2
commit 4a303b89e8
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
default-logins/glpi/glpi-default-login.yaml
View File

@ -1,4 +1,5 @@
id: glpi-default-login id: glpi-default-login
info: info:
name: GLPI Default Login name: GLPI Default Login
author: andysvints author: andysvints
@ -20,17 +21,14 @@ requests:
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
Referer: {{BaseURL}} Referer: {{BaseURL}}
{{name}}={{username}}&{{passwords}}={{password}}&auth=local&submit=Submit&_glpi_csrf_token={{token}} {{name}}={{user}}&{{password}}={{pass}}&auth=local&submit=Submit&_glpi_csrf_token={{token}}
payloads:
username:
- glpi
password:
- glpi
attack: pitchfork attack: pitchfork
payloads:
cookie-reuse: true user:
redirects: true - glpi
pass:
- glpi
extractors: extractors:
- type: regex - type: regex
@ -50,18 +48,20 @@ requests:
- "type=\"text\" name=\"([0-9a-z]+)\" id=\"login_name\" required=\"required\"" - "type=\"text\" name=\"([0-9a-z]+)\" id=\"login_name\" required=\"required\""
- type: regex - type: regex
name: passwords name: password
part: body part: body
internal: true internal: true
group: 1 group: 1
regex: regex:
- "type=\"password\" name=\"([0-9a-z]+)\" id=\"login_password\" required=\"required\"" - "type=\"password\" name=\"([0-9a-z]+)\" id=\"login_password\" required=\"required\""
cookie-reuse: true
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word
words: words:
- '<title>GLPI - Standard Interface</title>' - '<title>GLPI - Standard Interface</title>'
- type: status - type: status
status: status:
- 200 - 200