more fixes
sandeep
parent
6ad463dfb2
commit
4a303b89e8
|
|
@ -1,4 +1,5 @@
|
|||
id: glpi-default-login
|
||||
|
||||
info:
|
||||
name: GLPI Default Login
|
||||
author: andysvints
|
||||
|
|
@ -20,17 +21,14 @@ requests:
|
|||
Content-Type: application/x-www-form-urlencoded
|
||||
Referer: {{BaseURL}}
|
||||
|
||||
{{name}}={{username}}&{{passwords}}={{password}}&auth=local&submit=Submit&_glpi_csrf_token={{token}}
|
||||
{{name}}={{user}}&{{password}}={{pass}}&auth=local&submit=Submit&_glpi_csrf_token={{token}}
|
||||
|
||||
payloads:
|
||||
username:
|
||||
- glpi
|
||||
password:
|
||||
- glpi
|
||||
attack: pitchfork
|
||||
|
||||
cookie-reuse: true
|
||||
redirects: true
|
||||
payloads:
|
||||
user:
|
||||
- glpi
|
||||
pass:
|
||||
- glpi
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
|
|
@ -50,18 +48,20 @@ requests:
|
|||
- "type=\"text\" name=\"([0-9a-z]+)\" id=\"login_name\" required=\"required\""
|
||||
|
||||
- type: regex
|
||||
name: passwords
|
||||
name: password
|
||||
part: body
|
||||
internal: true
|
||||
group: 1
|
||||
regex:
|
||||
- "type=\"password\" name=\"([0-9a-z]+)\" id=\"login_password\" required=\"required\""
|
||||
|
||||
cookie-reuse: true
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- '<title>GLPI - Standard Interface</title>'
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
|
|
|||
Loading…
Reference in New Issue