sandeep 2022-04-18 20:49:46 +05:30
commit 8d10b83837
3 changed files with 73 additions and 0 deletions


@ -14,6 +14,7 @@ cves/2022/CVE-2022-23347.yaml
cves/2022/CVE-2022-25216.yaml
default-logins/fuelcms/fuelcms-default-login.yaml
default-logins/jinher-oa-default-login.yaml
default-logins/supermicro/supermicro-default-login.yaml
exposed-panels/avaya/avayaaura-cm-panel.yaml
exposed-panels/avaya/avayaaura-system-manager-panel.yaml
exposed-panels/bigant-login-panel.yaml
@ -27,6 +28,7 @@ exposed-panels/lantronix-webmanager-panel.yaml
exposed-panels/lenovo-thinkserver-panel.yaml
exposed-panels/mspcontrol-login.yaml
exposed-panels/neo4j-browser.yaml
exposed-panels/openwrt-login.yaml
exposed-panels/orchid-vms-panel.yaml
exposed-panels/quantum-scalar-detect.yaml
exposed-panels/spiderfoot.yaml


@ -0,0 +1,41 @@
id: supermicro-default-login
info:
name: Supermicro Ipmi Default Login
author: For3stCo1d
severity: high
reference:
- https://www.gearprimer.com/wiki/supermicro-ipmi-default-username-pasword/
tags: supermicro,default-login
requests:
- raw:
- |
POST /cgi/login.cgi HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
name={{user}}&pwd={{pass}}
attack: pitchfork
payloads:
user:
- ADMIN
- admin
pass:
- ADMIN
- admin
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'self.location='
- '/cgi/url_redirect.cgi?url_name=mainmenu'
condition: and
- type: status
status:
- 200
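Review bot: The `info` block of this `severity: high` check has no `description`, so a finding tells the operator neither what was confirmed nor what to do about it. I would add `description: Supermicro IPMI accepts a default ADMIN/ADMIN or admin/admin login on /cgi/login.cgi; change the BMC password and keep the management interface off untrusted networks.` under `name`. In the `matchers` block, success is inferred only from the redirect script in the body (`self.location=` plus `url_name=mainmenu`) and a 200. If the firmware also sets a session cookie on a successful login, a third matcher with `part: header` would guard against a page that merely echoes that path, but this needs confirming against a real response. The name would also read better as `name: Supermicro IPMI Default Login`.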


@ -0,0 +1,30 @@
id: openwrt-login
info:
name: Opentwrt Login Detect
author: For3stCo1d
severity: info
reference: https://openwrt.org
metadata:
shodan-query: http.title:"OpenWrt - LuCI"
tags: openwrt,default-login,router
requests:
- method: GET
path:
- "{{BaseURL}}"
redirects: true
max-redirects: 2
matchers:
- type: word
part: body
words:
- '<title>OpenWrt'
extractors:
- type: regex
part: body
group: 1
regex:
- '(?i)OpenWrt ([A-Z0-9.]+)'
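Review bot: The `tags` line carries `default-login`, but this template only fingerprints the LuCI login page and, judging by the list entry `exposed-panels/openwrt-login.yaml`, lives with the panel detections. As tagged it will be pulled into default-credential runs and missed by panel-tagged ones; `tags: openwrt,router,panel` matches what it does. The `name` has a typo and should read `name: OpenWrt Login Detect`. In the extractor, `(?i)` lets `[A-Z0-9.]+` match any word, so text such as "OpenWrt Project" would be reported as a version. Requiring a leading digit, `'(?i)OpenWrt ([0-9][A-Z0-9.]+)'`, avoids that, at the cost of dropping named builds if those were meant to be captured.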