minor - changes

patch-1
pussycat0x 2023-09-16 22:22:25 +05:30
parent 2948e37267
commit 7298fbee15
1 changed files with 14 additions and 5 deletions

View File

@ -2,7 +2,7 @@ id: empirec2-default-login
info:
name: Empire C2 / Starkiller Interface - Default Login
author: parzival
author: clem9669,parzival
severity: high
description: |
Empire C2 / Starkiller Default Administrator Credentials Discovered.
@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: default-login,empire
tags: default-login,empire,c2
http:
- raw:
@ -32,20 +32,29 @@ http:
{{password}}
------WebKitFormBoundaryoZwyedGcQU4FrcFV--
- |
POST /api/admin/login HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
{"username":"{{user}}","password":"{{pass}}"}
attack: pitchfork
payloads:
username:
- empireadmin
password:
- 'password123'
- password123
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'access_token'
- 'token_type'
- '{"token":".*"}'
condition: or
- type: word
part: header