Kafka Center Default Login , Panel , Kafka Cruise Control UI Dashboard (#3472)

* Create secure-login-panel.yaml * Create geo-webserver.yaml * Create hp-virtual-connect-manager.yaml * Create microsoft-azure-error.yaml * Create microsoft-iis-8.yaml * Create veeam-backup-azure-panel.yaml * Create user-control-panel.yaml * Create kafka-consumer-monitor.yaml * Update kafka-consumer-monitor.yaml * Create kafka-connect-ui-exposure.yaml * misc updates * duplicate template existing one - `exposed-panels/kafka-connect-ui.yaml` * Create kafka-cruise-control.yaml * Create kafka-center-default-login.yaml * Create kafka-center-login.yaml * minor update Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-03 23:52:26 +05:30 · 2022-01-03 23:52:26 +05:30 · eb2624580d
parent 349a112db3
commit eb2624580d
3 changed files with 80 additions and 0 deletions
--- a/default-logins/kafka-center-default-login.yaml
+++ b/default-logins/kafka-center-default-login.yaml
@ -0,0 +1,38 @@
+id: kafka-center-default-login
+
+info:
+  name: Kafka Center Default Login
+  author: dhiyaneshDK
+  severity: high
+  tags: kafka,default-login
+  metadata:
+    shodan-query: http.title:"Kafka Center"
+
+requests:
+  - raw:
+      - |
+        POST /login/system HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        {"name":"{{username}}","password":"{{password}}","checkbox":false}
+
+    attack: pitchfork
+    payloads:
+      username:
+        - admin
+      password:
+        - admin
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - '"code":200'
+          - '"name":"admin"'
+        condition: and
+
+      - type: status
+        status:
+          - 200
--- a/exposed-panels/kafka-center-login.yaml
+++ b/exposed-panels/kafka-center-login.yaml
@ -0,0 +1,21 @@
+id: kafka-center-login
+
+info:
+  name: Kafka Center Login
+  author: dhiyaneshDK
+  severity: info
+  tags: panel,kafka
+  metadata:
+    shodan-query: http.title:"Kafka Center"
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: word
+        words:
+          - '<title>Kafka Center</title>'
--- a/misconfiguration/kafka-cruise-control.yaml
+++ b/misconfiguration/kafka-cruise-control.yaml
@ -0,0 +1,21 @@
+id: kafka-cruise-control
+
+info:
+  name: Kafka Cruise Control UI
+  author: dhiyaneshDK
+  severity: medium
+  tags: kafka,misconfig
+  metadata:
+    shodan-query: http.title:"Kafka Cruise Control UI"
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: word
+        words:
+          - '<title>Kafka Cruise Control UI</title>'