From eb2624580dab106adc6b92c9583383d674e32a06 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 3 Jan 2022 23:52:26 +0530 Subject: [PATCH] Kafka Center Default Login , Panel , Kafka Cruise Control UI Dashboard (#3472) * Create secure-login-panel.yaml * Create geo-webserver.yaml * Create hp-virtual-connect-manager.yaml * Create microsoft-azure-error.yaml * Create microsoft-iis-8.yaml * Create veeam-backup-azure-panel.yaml * Create user-control-panel.yaml * Create kafka-consumer-monitor.yaml * Update kafka-consumer-monitor.yaml * Create kafka-connect-ui-exposure.yaml * misc updates * duplicate template existing one - `exposed-panels/kafka-connect-ui.yaml` * Create kafka-cruise-control.yaml * Create kafka-center-default-login.yaml * Create kafka-center-login.yaml * minor update Co-authored-by: sandeep --- .../kafka-center-default-login.yaml | 38 +++++++++++++++++++ exposed-panels/kafka-center-login.yaml | 21 ++++++++++ misconfiguration/kafka-cruise-control.yaml | 21 ++++++++++ 3 files changed, 80 insertions(+) create mode 100644 default-logins/kafka-center-default-login.yaml create mode 100644 exposed-panels/kafka-center-login.yaml create mode 100644 misconfiguration/kafka-cruise-control.yaml diff --git a/default-logins/kafka-center-default-login.yaml b/default-logins/kafka-center-default-login.yaml new file mode 100644 index 0000000000..644b8f35b9 --- /dev/null +++ b/default-logins/kafka-center-default-login.yaml @@ -0,0 +1,38 @@ +id: kafka-center-default-login + +info: + name: Kafka Center Default Login + author: dhiyaneshDK + severity: high + tags: kafka,default-login + metadata: + shodan-query: http.title:"Kafka Center" + +requests: + - raw: + - | + POST /login/system HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"name":"{{username}}","password":"{{password}}","checkbox":false} + + attack: pitchfork + payloads: + username: + - admin + password: + - admin + + matchers-condition: and + matchers: + + - type: word + words: + - '"code":200' + - '"name":"admin"' + condition: and + + - type: status + status: + - 200 diff --git a/exposed-panels/kafka-center-login.yaml b/exposed-panels/kafka-center-login.yaml new file mode 100644 index 0000000000..439928cda2 --- /dev/null +++ b/exposed-panels/kafka-center-login.yaml @@ -0,0 +1,21 @@ +id: kafka-center-login + +info: + name: Kafka Center Login + author: dhiyaneshDK + severity: info + tags: panel,kafka + metadata: + shodan-query: http.title:"Kafka Center" + +requests: + - method: GET + path: + - '{{BaseURL}}' + + redirects: true + max-redirects: 2 + matchers: + - type: word + words: + - 'Kafka Center' diff --git a/misconfiguration/kafka-cruise-control.yaml b/misconfiguration/kafka-cruise-control.yaml new file mode 100644 index 0000000000..ef694ffe4c --- /dev/null +++ b/misconfiguration/kafka-cruise-control.yaml @@ -0,0 +1,21 @@ +id: kafka-cruise-control + +info: + name: Kafka Cruise Control UI + author: dhiyaneshDK + severity: medium + tags: kafka,misconfig + metadata: + shodan-query: http.title:"Kafka Cruise Control UI" + +requests: + - method: GET + path: + - '{{BaseURL}}' + + redirects: true + max-redirects: 2 + matchers: + - type: word + words: + - 'Kafka Cruise Control UI'