rancher-incomplete-setup: Rancher - Incomplete Setup Exposure

Date: 2026-01-24 | Affected software: Rancher | PoC: public

Vulnerability description

A Rancher installation was detected whose first-time setup had not been completed. The bootstrap login page was publicly reachable at /dashboard/auth/login, indicating an unconfigured instance that could be targeted for unauthorized completion of the initial setup.

PoC code [public]

id: rancher-incomplete-setup

info:
  name: Rancher - Incomplete Setup Exposure
  author: 0x_Akoko
  severity: low
  description: |
    Detected Rancher installation was found with an incomplete first-time setup. The bootstrap login page was publicly accessible at /dashboard/auth/login, indicating an unconfigured instance that could have been targeted for unauthorized setup completion.
  reference:
    - https://rancher.com/docs/rancher/v2.6/en/installation/
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"Rancher"
    fofa-query: title="Rancher"
  tags: rancher,misconfig,exposure

http:
  - method: GET
    path:
      - "{{BaseURL}}/v3/settings/first-login"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"value":"true"'
          - '"name":"first-login"'
        condition: and

      - type: status
        status:
          - 200
# digest: 490a00463044022030d246d79d1325ee9ca82b4df5b2f39558e6c96b6d5ec8635d09d49d99c8c0d7022013622a2c851ba632457f60a77751474251e54f5634d53acef252a1166e1d2439:922c64590222798bb761d5b6d8e72950
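The template above matches the first-login setting with substring matchers. As an added example (not the template author's code), the Python check below applies the same logic to the /v3/settings/first-login response but parses the JSON and checks the actual field values, so a self-audit of your own Rancher instances does not fire on a stray "true" elsewhere in the body. The sample bodies are constructed to resemble a Rancher v3 setting object; the live fetch assumes the same endpoint the template queries.

```python
"""Self-audit helper: is a Rancher instance still in first-login state?"""
import json
import urllib.request

# Constructed sample responses (shape assumed from the Rancher v3 settings API).
SAMPLE_UNCONFIGURED = '{"id":"first-login","name":"first-login","value":"true","default":"true"}'
SAMPLE_CONFIGURED = '{"id":"first-login","name":"first-login","value":"false","default":"true"}'


def rancher_setup_incomplete(status: int, body: str) -> bool:
    """Return True only when a 200 response carries the first-login setting
    with its value set to true, i.e. bootstrap setup has not been completed."""
    if status != 200:
        return False
    try:
        doc = json.loads(body)
    except ValueError:  # HTML error page, redirect body, or truncated response
        return False
    if not isinstance(doc, dict):
        return False
    # Compare parsed fields rather than raw substrings; Rancher stores the
    # setting value as the string "true"/"false".
    return doc.get("name") == "first-login" and str(doc.get("value")).lower() == "true"


def check_instance(base_url: str, timeout: float = 5.0) -> bool:
    """Fetch the first-login setting from an instance you operate and evaluate it."""
    req = urllib.request.Request(base_url.rstrip("/") + "/v3/settings/first-login",
                                 headers={"Accept": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return rancher_setup_incomplete(resp.status, resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:  # e.g. 401 once auth is configured
        return rancher_setup_incomplete(e.code, "")
    except (urllib.error.URLError, OSError):
        return False


if __name__ == "__main__":
    import sys
    for url in sys.argv[1:]:
        print(url, "SETUP INCOMPLETE" if check_instance(url) else "ok")
```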
