Merge pull request #6471 from clem9669/master
Adding template for EmpireC2 default api loginpatch-1
Ritik Chaddha
GitHub
commit
bf4cf8793c
|
|
@ -1,14 +1,14 @@
|
|||
cves/2018/CVE-2018-11227.yaml
|
||||
cves/2018/CVE-2018-11473.yaml
|
||||
cves/2022/CVE-2022-44877.yaml
|
||||
exposed-panels/episerver-panel.yaml
|
||||
exposed-panels/freepbx-administration-panel.yaml
|
||||
exposed-panels/monstra-admin-panel.yaml
|
||||
exposures/mobiproxy-dashboard.yaml
|
||||
file/keys/stackhawk-api-key.yaml
|
||||
misconfiguration/installer/impresspages-installer.yaml
|
||||
misconfiguration/installer/monstra-installer.yaml
|
||||
misconfiguration/installer/orangehrm-installer.yaml
|
||||
misconfiguration/phpcli-stack-trace.yaml
|
||||
technologies/default-cakephp-page.yaml
|
||||
technologies/monstracms-detect.yaml
|
||||
cves/2018/CVE-2018-11227.yaml
|
||||
cves/2018/CVE-2018-11473.yaml
|
||||
cves/2022/CVE-2022-44877.yaml
|
||||
exposed-panels/episerver-panel.yaml
|
||||
exposed-panels/freepbx-administration-panel.yaml
|
||||
exposed-panels/monstra-admin-panel.yaml
|
||||
exposures/mobiproxy-dashboard.yaml
|
||||
file/keys/stackhawk-api-key.yaml
|
||||
misconfiguration/installer/impresspages-installer.yaml
|
||||
misconfiguration/installer/monstra-installer.yaml
|
||||
misconfiguration/installer/orangehrm-installer.yaml
|
||||
misconfiguration/phpcli-stack-trace.yaml
|
||||
technologies/default-cakephp-page.yaml
|
||||
technologies/monstracms-detect.yaml
|
||||
|
|
@ -19,7 +19,8 @@ info:
|
|||
cwe-id: CWE-79
|
||||
metadata:
|
||||
shodan-query: title:"Grafana"
|
||||
tags: grafana,hackerone,cve,cve2020,xss
|
||||
tags: cve,cve2020,xss,grafana,hackerone
|
||||
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@ info:
|
|||
cve-id: CVE-2022-45917
|
||||
cwe-id: CWE-601
|
||||
metadata:
|
||||
cve-id: CVE-2022-45917
|
||||
shodan-query: http.html:"ILIAS"
|
||||
verified: "true"
|
||||
tags: redirect,packetstorm,seclists,cve,cve2022,ilias
|
||||
|
|
|
|||
|
|
@ -0,0 +1,44 @@
|
|||
id: empirec2-default-login
|
||||
|
||||
info:
|
||||
name: Empire-C2 Default Login
|
||||
author: clem9669
|
||||
severity: high
|
||||
reference:
|
||||
- https://github.com/BC-SECURITY/Empire
|
||||
- https://bc-security.gitbook.io/empire-wiki/quickstart/configuration/server
|
||||
metadata:
|
||||
verified: true
|
||||
tags: default-login,empire
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
- |
|
||||
POST /api/admin/login HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
Content-Type: application/json
|
||||
|
||||
{"username":"{{user}}","password":"{{pass}}"}
|
||||
|
||||
attack: pitchfork
|
||||
payloads:
|
||||
user:
|
||||
- empireadmin
|
||||
pass:
|
||||
- password123
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: regex
|
||||
part: body
|
||||
regex:
|
||||
- '{"token":".*"}'
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- 'application/json'
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
Loading…
Reference in New Issue