Add versa-default-login template (#1324)

* Add versa-default-login template

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
patch-1
David McKennirey 2022-01-20 13:16:51 -05:00 committed by GitHub
parent bac26e1669
commit 5c99a65e8e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 66 additions and 0 deletions


@ -0,0 +1,46 @@
id: versa-default-login
info:
name: Versa Networks SD-WAN Application Default Login
author: davidmckennirey
severity: high
description: Searches for default admin credentials for the Versa Networks SD-WAN application.
tags: default-login,versa,sdwan
requests:
- raw:
- |
GET /versa/login.html HTTP/1.1
Host: {{Hostname}}
Accept-Encoding: gzip, deflate
- |
POST /versa/login HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
username={{user}}&password={{pass}}&sso=systemRadio
attack: pitchfork
payloads:
user:
- Administrator
pass:
- versa123
cookie-reuse: true
req-condition: true
matchers-condition: and
matchers:
- type: dsl
dsl:
- 'status_code_2 == 302'
- "contains(tolower(all_headers_2), 'jsessionid')"
- "contains(tolower(all_headers_2), 'location: /versa/index.html')"
condition: and
- type: dsl
dsl:
- "contains(tolower(all_headers_2), '/login?error=true')"
- "contains(tolower(all_headers_2), '/login?tokenmissingerror=true')"
negative: true
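Review bot: The third expression of the first `dsl` matcher requires the literal `location: /versa/index.html`, so a deployment that answers the login with an absolute URL in Location (or different spacing after the colon) would presumably be reported as clean while still accepting the default credentials. Matching on the path alone, `- "contains(tolower(all_headers_2), '/versa/index.html')"`, closes that gap, and the 302 check, the jsessionid check and the negative error matcher still guard against false positives. Since the finding is rated high, the info block would also benefit from a `reference:` entry for the vendor's hardening guidance and a `remediation:` line telling the owner to change the Administrator password.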


@ -0,0 +1,20 @@
id: versa-sdwan
info:
name: Versa Networks SD-WAN Application
author: pdteam
severity: info
tags: panel,versa,sdwan
requests:
- method: GET
path:
- "{{BaseURL}}/versa/login.html"
redirects: true
max-redirects: 2
matchers:
- type: word
words:
- "Versa Networks"
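Review bot: The only matcher is the word `Versa Networks` with no status check, and the request follows up to two redirects, so any page that merely mentions the vendor after a redirect would be reported as an exposed SD-WAN login panel. Pairing the word matcher with a status matcher under `matchers-condition: and` would keep the inventory of exposed panels reliable. A more specific string from the login page itself would tighten it further, but that page's content is not visible here.

```yaml
    # … unchanged: method, path, redirects, max-redirects …
    matchers-condition: and
    matchers:
      # … unchanged: word matcher for "Versa Networks" …
      - type: status
        status:
          - 200
```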