daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/javascript/default-logins/mssql-default-logins.yaml

43 lines
1.1 KiB
YAML
Raw Blame History

id: mssql-default-logins
info:
name: Microsoft Sql - Default Logins
author: Ice3man543,tarunKoyalwar
severity: high
description: |
A MSSQL service was accessed with easily guessed credentials.
metadata:
max-request: 7
shodan-query: port:1433
tags: js,mssql,default-login,network
javascript:
- pre-condition: |
var m = require("nuclei/mssql");
var c = m.MSSQLClient();
c.IsMssql(Host, Port);
code: |
var m = require("nuclei/mssql");
var c = m.MSSQLClient();
c.Connect(Host,Port,User,Pass)
args:
Host: "{{Host}}"
Port: "1433"
User: "{{usernames}}"
Pass: "{{passwords}}"
payloads:
usernames:
- sa
- root
- admin
passwords:
- SqlServer0
- SqlServer2021
attack: clusterbomb
matchers:
- type: dsl
dsl:
- "response == true"
- "success == true"
condition: and
# digest: 4b0a004830460221008d4baa58ed07f4e81549bf11dd3df65fd0b3145d88813c18861293d37242ff4702210087c637ad54842f7b6cfb39607ab24d8798ba2e4574dab19f30870bf41810bffe:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink