From e678e23568d62f9879ef685e3d63dc46752106ea Mon Sep 17 00:00:00 2001 From: Morgan Robertson Date: Sat, 24 Aug 2024 17:38:51 +1000 Subject: [PATCH 1/3] Add fuji-xerox apeosport/docucenter default login --- ...i-xerox-apeosport-default-credentials.yaml | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 http/default-logins/fuji-xerox-apeosport-default-credentials.yaml diff --git a/http/default-logins/fuji-xerox-apeosport-default-credentials.yaml b/http/default-logins/fuji-xerox-apeosport-default-credentials.yaml new file mode 100644 index 00000000000..de5d0cf1818 --- /dev/null +++ b/http/default-logins/fuji-xerox-apeosport-default-credentials.yaml @@ -0,0 +1,42 @@ +id: fuji-xerox-apeosport-default-credentials + +info: + name: Fuji Xerox ApeosPort series default credentials + author: Morgan Robertson + severity: medium + description: | + This template checks for the default credentials (username: 11111, password: x-admin) on Fuji Xerox ApeosPort series printers. If the credentials are valid, the response will have a 200 HTTP status code. Tested on a Fuji Xerox ApeosPort-V C2275 T2. + + tags: default-login,fuji,fuji-xerox,printer + + reference: + - https://4it.com.au/kb/article/fuji-xerox-default-password/ + + metadata: + vendor: fuji-xerox + +http: + - method: GET + path: + - "{{BaseURL}}/prop.htm" + + headers: + Authorization: Basic MTExMTE6eC1hZG1pbg== + Connection: close + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: status + status: + - 401 + negative: true + + extractors: + - type: regex + part: body + regex: + - "[\\s\\S]*?" From ba2c8875fc7ff911dc66e0abd8975f29cfcd1594 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 25 Aug 2024 04:46:10 +0400 Subject: [PATCH 2/3] updated matchers,req and name --- ...i-xerox-apeosport-default-credentials.yaml | 42 ------------------- .../fuji-xerox-default-login.yaml | 38 +++++++++++++++++ 2 files changed, 38 insertions(+), 42 deletions(-) delete mode 100644 http/default-logins/fuji-xerox-apeosport-default-credentials.yaml create mode 100644 http/default-logins/fuji-xerox-default-login.yaml diff --git a/http/default-logins/fuji-xerox-apeosport-default-credentials.yaml b/http/default-logins/fuji-xerox-apeosport-default-credentials.yaml deleted file mode 100644 index de5d0cf1818..00000000000 --- a/http/default-logins/fuji-xerox-apeosport-default-credentials.yaml +++ /dev/null @@ -1,42 +0,0 @@ -id: fuji-xerox-apeosport-default-credentials - -info: - name: Fuji Xerox ApeosPort series default credentials - author: Morgan Robertson - severity: medium - description: | - This template checks for the default credentials (username: 11111, password: x-admin) on Fuji Xerox ApeosPort series printers. If the credentials are valid, the response will have a 200 HTTP status code. Tested on a Fuji Xerox ApeosPort-V C2275 T2. - - tags: default-login,fuji,fuji-xerox,printer - - reference: - - https://4it.com.au/kb/article/fuji-xerox-default-password/ - - metadata: - vendor: fuji-xerox - -http: - - method: GET - path: - - "{{BaseURL}}/prop.htm" - - headers: - Authorization: Basic MTExMTE6eC1hZG1pbg== - Connection: close - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: status - status: - - 401 - negative: true - - extractors: - - type: regex - part: body - regex: - - "[\\s\\S]*?" diff --git a/http/default-logins/fuji-xerox-default-login.yaml b/http/default-logins/fuji-xerox-default-login.yaml new file mode 100644 index 00000000000..d7002e7d727 --- /dev/null +++ b/http/default-logins/fuji-xerox-default-login.yaml @@ -0,0 +1,38 @@ +id: fuji-xerox-default-login + +info: + name: Fuji Xerox ApeosPort - Default Login + author: Morgan Robertson + severity: high + description: | + This template checks for the default credentials (username: 11111, password: x-admin) on Fuji Xerox ApeosPort series printers. If the credentials are valid, the response will have a 200 HTTP status code. Tested on a Fuji Xerox ApeosPort-V C2275 T2. + reference: + - https://4it.com.au/kb/article/fuji-xerox-default-password/ + metadata: + max-request: 1 + verified: true + vendor: fuji-xerox + fofa-query: '"prop.htm" && "docucentre"' + tags: default-login,fuji,fuji-xerox,printer + +http: + - raw: + - | + GET /prop.htm HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic MTExMTE6eC1hZG1pbg== + Connection: close + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Configuration Overview" + - "Description" + - "System Administrator Settings" + condition: and + + - type: status + status: + - 200 From ded6ae237e7db1d82170021e68963b4f46cca5f8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 25 Aug 2024 08:35:01 +0530 Subject: [PATCH 3/3] fix-lint-error --- .../{ => fuji-xerox}/fuji-xerox-default-login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename http/default-logins/{ => fuji-xerox}/fuji-xerox-default-login.yaml (93%) diff --git a/http/default-logins/fuji-xerox-default-login.yaml b/http/default-logins/fuji-xerox/fuji-xerox-default-login.yaml similarity index 93% rename from http/default-logins/fuji-xerox-default-login.yaml rename to http/default-logins/fuji-xerox/fuji-xerox-default-login.yaml index d7002e7d727..6b5f4258a13 100644 --- a/http/default-logins/fuji-xerox-default-login.yaml +++ b/http/default-logins/fuji-xerox/fuji-xerox-default-login.yaml @@ -7,7 +7,7 @@ info: description: | This template checks for the default credentials (username: 11111, password: x-admin) on Fuji Xerox ApeosPort series printers. If the credentials are valid, the response will have a 200 HTTP status code. Tested on a Fuji Xerox ApeosPort-V C2275 T2. reference: - - https://4it.com.au/kb/article/fuji-xerox-default-password/ + - https://4it.com.au/kb/article/fuji-xerox-default-password/ metadata: max-request: 1 verified: true