34 lines
809 B
YAML
34 lines
809 B
YAML
id: activemq-default-login
|
|
|
|
info:
|
|
name: Apache ActiveMQ Default Login
|
|
author: pdteam
|
|
severity: medium
|
|
description: Apache ActiveMQ default login information was discovered.
|
|
reference: https://knowledge.broadcom.com/external/article/142813/vulnerability-apache-activemq-admin-con.html
|
|
tags: apache,activemq,default-login
|
|
|
|
requests:
|
|
- raw:
|
|
- |
|
|
GET /admin/ HTTP/1.1
|
|
Host: {{Hostname}}
|
|
Authorization: Basic {{base64(username + ':' + password)}}
|
|
|
|
payloads:
|
|
username:
|
|
- user
|
|
- admin
|
|
password:
|
|
- user
|
|
- admin
|
|
attack: pitchfork
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- 'Welcome to the Apache ActiveMQ Console of <b>'
|
|
- '<h2>Broker</h2>'
|
|
condition: and
|
|
|
|
# Enhanced by mp on 2022/03/07
|