From 02337a8b89cca59ecc4410ea7f9e69a716c8b4e9 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Thu, 18 Jul 2024 16:05:40 +0530
Subject: [PATCH 1/3] Create deluge-default-login.yaml
---
.../deluge/deluge-default-login.yaml | 48 +++++++++++++++++++
1 file changed, 48 insertions(+)
create mode 100644 http/default-logins/deluge/deluge-default-login.yaml
diff --git a/http/default-logins/deluge/deluge-default-login.yaml b/http/default-logins/deluge/deluge-default-login.yaml
new file mode 100644
index 0000000000..e4c7a1191d
--- /dev/null
+++ b/http/default-logins/deluge/deluge-default-login.yaml
@@ -0,0 +1,48 @@
+id: deluge-default-login
+
+info:
+ name: Deluge - Default Login
+ author: ritikchaddha
+ severity: high
+ description: Deluge Default login credentials were discovered.
+ reference:
+ - https://docs.linuxserver.io/images/docker-deluge/#:~:text=The%20admin%20interface%20is%20available,%2D%3EInterface%2D%3EPassword.
+ metadata:
+ max-request: 1
+ verified: true
+ shodan-query: title:"Deluge"
+ tags: deluge,misconfig,default-login
+
+http:
+ - raw:
+ - |
+ POST /json HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/json
+
+ {"method":"auth.login","params":["{{password}}"],"id":51}
+
+ payloads:
+ password:
+ - deluge
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - 'result": true'
+ - 'error": null'
+ - 'id": 51'
+ condition: and
+
+ - type: word
+ part: header
+ words:
+ - "_session_id="
+ - "application/json"
+ condition: and
+
+ - type: status
+ status:
+ - 200
From 4c50fe856fbc171182747eb1fafc9e72e485b3ec Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Thu, 18 Jul 2024 16:09:18 +0530
Subject: [PATCH 2/3] lint fix
---
http/default-logins/deluge/deluge-default-login.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
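Review bot: The `info` block of the new template in PATCH 1/3 says only that default credentials "were discovered", so a finding gives the operator of the affected host neither the impact nor the fix. I would add a `remediation` field next to `description`, for example `remediation: Change the Deluge WebUI password under Preferences -> Interface -> Password.`, which is the step the linked linuxserver.io page points to. The body matcher words such as `'result": true'` depend on the exact spacing of the JSON response. A one-line comment above the `words` list, along the lines of `# matches the WebUI's JSON serialisation exactly, including the space after the colon`, would help whoever debugs a missed detection if that output format ever changes.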
diff --git a/http/default-logins/deluge/deluge-default-login.yaml b/http/default-logins/deluge/deluge-default-login.yaml index e4c7a1191d..e66795de0a 100644 --- a/http/default-logins/deluge/deluge-default-login.yaml +++ b/http/default-logins/deluge/deluge-default-login.yaml @@ -4,7 +4,7 @@ info: name: Deluge - Default Login author: ritikchaddha severity: high - description: Deluge Default login credentials were discovered. + description: Deluge Default login credentials were discovered. reference: - https://docs.linuxserver.io/images/docker-deluge/#:~:text=The%20admin%20interface%20is%20available,%2D%3EInterface%2D%3EPassword. metadata: From 5ccbe04764590358e8522925be36dca538eb4b8c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 18 Jul 2024 19:18:58 +0530 Subject: [PATCH 3/3] minorupdate --- http/default-logins/deluge/deluge-default-login.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/http/default-logins/deluge/deluge-default-login.yaml b/http/default-logins/deluge/deluge-default-login.yaml index e66795de0a..c5aeb2070d 100644 --- a/http/default-logins/deluge/deluge-default-login.yaml +++ b/http/default-logins/deluge/deluge-default-login.yaml @@ -4,14 +4,15 @@ info: name: Deluge - Default Login author: ritikchaddha severity: high - description: Deluge Default login credentials were discovered. + description: | + Deluge Default login credentials were discovered. reference: - https://docs.linuxserver.io/images/docker-deluge/#:~:text=The%20admin%20interface%20is%20available,%2D%3EInterface%2D%3EPassword. metadata: max-request: 1 verified: true shodan-query: title:"Deluge" - tags: deluge,misconfig,default-login + tags: deluge,default-login http: - raw: