Wazuh default credentials check does not work due to extractor logic failing
denandz opened this issue · comments
DoI commented
Nuclei Version:
v3.2.2
Template file:
http/default-logins/wazuh-default-login.yaml
Command to reproduce:
nuclei -t http/default-logins/wazuh-default-login.yaml -u https://127.0.0.1 -v
The template has the following issues:
- This template is meant to extract the
Osd-Version
value out of an initial request, but due to erroneous extractor logic the extraction fails and theosd
variable is never populated. - Wazuh dashboard login required the
osd-xsrf
header for a login to succeed, which is not specified in the template. - The template is missing the default password for the Wazuh docker installations
Output:
$ nuclei -t http/default-logins/wazuh-default-login.yaml -u https://127.0.0.1 -v
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.2.2
projectdiscovery.io
[VER] Started metrics server at localhost:9092
[INF] Current nuclei version: v3.2.2 (latest)
[INF] Current nuclei-templates version: v9.8.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 85
[INF] Templates loaded for current scan: 1
[INF] Executing 1 signed templates from projectdiscovery/nuclei-templates
[INF] Targets loaded for current scan: 1
[WRN] [wazuh-default-login] Could not make http request for https://127.0.0.1: unresolved variables found: osd
[WRN] [wazuh-default-login] Could not make http request for https://127.0.0.1: unresolved variables found: osd
[VER] [wazuh-default-login] Sent HTTP request to https://127.0.0.1/app/login?nextUrl=%2Fapp%2Fwazuh
[VER] [wazuh-default-login] Sent HTTP request to https://127.0.0.1/app/login?nextUrl=%2Fapp%2Fwazuh
[INF] No results found. Better luck next time!