From 08324918439629cc2b2055a2d6a3b3c935ab6ac2 Mon Sep 17 00:00:00 2001 From: sandeep Date: Sat, 17 Jul 2021 23:28:19 +0530 Subject: [PATCH 1/4] Added Dell EMC ECOM Default Credentials --- .../dell-emc-ecom-default-credentials.yaml | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 default-logins/dell/dell-emc-ecom-default-credentials.yaml diff --git a/default-logins/dell/dell-emc-ecom-default-credentials.yaml b/default-logins/dell/dell-emc-ecom-default-credentials.yaml new file mode 100644 index 0000000000..5c46e83359 --- /dev/null +++ b/default-logins/dell/dell-emc-ecom-default-credentials.yaml @@ -0,0 +1,31 @@ +id: dell-emc-ecom-default-credentials + +info: + name: Dell EMC ECOM Default Credentials + author: Techryptic (@Tech) + severity: high + description: Default Credentials of admin:#1Password on Dell EMC ECOM application. + reference: https://www.dell.com/support/kbdoc/en-za/000171270/vipr-controller-operation-denied-by-clariion-array-you-are-not-privileged-to-perform-the-requested-operation + tags: dell,emc,ecom,default-login + +requests: + - method: GET + path: + - '{{BaseURL}}' + headers: + Authorization: Basic YWRtaW46IzFQYXNzd29yZA== + + matchers-condition: and + matchers: + - type: word + words: + - "Set-Cookie: ECOMSecurity" + part: header + + - type: word + words: + - "Welcome to ECOM" + + - type: status + status: + - 200 \ No newline at end of file From 8030b4635519e05fb0c5dd0c710a0f9a00f95a77 Mon Sep 17 00:00:00 2001 From: sandeep Date: Sat, 17 Jul 2021 23:30:55 +0530 Subject: [PATCH 2/4] Added HortonWorks SmartSense Default Credentials --- ...nworks-smartsense-default-credentials.yaml | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 default-logins/hortonworks/hortonworks-smartsense-default-credentials.yaml diff --git a/default-logins/hortonworks/hortonworks-smartsense-default-credentials.yaml b/default-logins/hortonworks/hortonworks-smartsense-default-credentials.yaml new file mode 100644 index 0000000000..132cee76fd --- /dev/null +++ b/default-logins/hortonworks/hortonworks-smartsense-default-credentials.yaml @@ -0,0 +1,31 @@ +id: hortonworks-smartsense-default-credentials + +info: + name: HortonWorks SmartSense Default Credentials + author: Techryptic (@Tech) + severity: high + description: Default Credentials of admin:admin on HortonWorks SmartSense application. + reference: https://docs.cloudera.com/HDPDocuments/SS1/SmartSense-1.2.2/bk_smartsense_admin/content/manual_server_login.html + tags: hortonworks,smartsense,default-login + +requests: + - method: GET + path: + - '{{BaseURL}}/apt/v1/context' + headers: + Authorization: Basic YWRtaW46YWRtaW4= + + matchers-condition: and + matchers: + - type: word + words: + - "Set-Cookie: SUPPORTSESSIONID" + part: header + + - type: word + words: + - "smartsenseId" + + - type: status + status: + - 200 \ No newline at end of file From 78e7242792d12292cf77cade1a7e49903e7d789a Mon Sep 17 00:00:00 2001 From: sandeep Date: Sat, 17 Jul 2021 23:35:39 +0530 Subject: [PATCH 3/4] Added Palo Alto Networks PAN-OS Default Credentials --- .../paloalto/panos-default-credentials.yaml | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 default-logins/paloalto/panos-default-credentials.yaml diff --git a/default-logins/paloalto/panos-default-credentials.yaml b/default-logins/paloalto/panos-default-credentials.yaml new file mode 100644 index 0000000000..15bc58afa5 --- /dev/null +++ b/default-logins/paloalto/panos-default-credentials.yaml @@ -0,0 +1,31 @@ +id: panos-default-credentials + +info: + name: Palo Alto Networks PAN-OS Default Credentials + author: Techryptic (@Tech) + severity: high + description: Default Credentials of admin:admin on Palo Alto Networks PAN-OS application. + reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/integrate-the-firewall-into-your-management-network/perform-initial-configuration.html#:~:text=By%20default%2C%20the%20firewall%20has,with%20other%20firewall%20configuration%20tasks. + tags: paloalto,panos,default-login + +requests: + - method: POST + path: + - '{{BaseURL}}/php/login.php' + + body: user=admin&passwd=admin&challengePwd=&ok=Login + + matchers-condition: and + matchers: + - type: word + words: + - "Set-Cookie: PHPSESSID" + part: header + + - type: word + words: + - "Warning: Your device is still configured with the default admin" + + - type: status + status: + - 200 \ No newline at end of file From 9e85e024d3090c0070fc28960c58a9330ff45dc0 Mon Sep 17 00:00:00 2001 From: sandeep Date: Sat, 17 Jul 2021 23:51:55 +0530 Subject: [PATCH 4/4] Added IDEMIA BIOMetrics Default Credentials --- ...idemia-biometrics-default-credentials.yaml | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 default-logins/idemia/idemia-biometrics-default-credentials.yaml diff --git a/default-logins/idemia/idemia-biometrics-default-credentials.yaml b/default-logins/idemia/idemia-biometrics-default-credentials.yaml new file mode 100644 index 0000000000..da3d4290e4 --- /dev/null +++ b/default-logins/idemia/idemia-biometrics-default-credentials.yaml @@ -0,0 +1,34 @@ +id: idemia-biometrics-default-credentials + +info: + name: IDEMIA BIOMetrics Default Credentials + author: Techryptic (@Tech) + severity: high + description: Default Credentials of password=12345 on IDEMIA BIOMetrics application. + reference: https://www.google.com/search?q=idemia+password%3D+"12345" + tags: idemia,biometrics,default-login + +requests: + - method: POST + path: + - '{{BaseURL}}/cgi-bin/login.cgi' + + body: password=12345 + + matchers-condition: and + matchers: + - type: word + words: + - "session_id=" + - "resource" + condition: and + + - type: word + words: + - "Invalid Password" + part: body + negative: true + + - type: status + status: + - 200 \ No newline at end of file