Update and rename soplanning-default-login.yaml to soplanning-default-login.yaml

2024-05-07 18:27:45 +05:30 · 2024-05-07 18:27:45 +05:30 · 70e83cd834
parent ca5cd4e814
commit 70e83cd834
1 changed files with 13 additions and 10 deletions
--- a/http/default-logins/soplanning/soplanning-default-login.yaml
+++ b/http/default-logins/soplanning/soplanning-default-login.yaml
@ -1,9 +1,9 @@
-id: SOPlanning-default-login
+id: soplanning-default-login

 info:
-  name: SOPlanning Online Planning tool defualt login
+  name: SOPlanning - Default Login
  author: Kazgangap
-  severity: info
+  severity: high
  description: |
    SOPlanning contains default credentials. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
  reference:
@ -12,6 +12,8 @@ info:
    vendor: soplanning
    product: soplanning
    shodan-query: html:"soplanning"
+    verified: true
+    max-request: 1
  tags: soplanning,default-login

 http:
@ -20,25 +22,26 @@ http:
        POST /process/login.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded
-        
+
        login={{username}}&password={{password}}
-        
+
    attack: pitchfork
    payloads:
      username:
        - admin
      password:
        - admin
-        
+
    redirects: true
    matchers-condition: and
    matchers:
-      - type: status
-        status:
-          - 200
      - type: word
        words:
          - 'title="Logout"'
          - 'title="Modify my profile"'
          - 'Settings'
-        condition: and
+        condition: and
+
+      - type: status
+        status:
+          - 200