Update Apache Airflow Default Login (v3)

[hdm]

Template / PR Information

This PR adds a second airflow default login template to handle the v3 console.
Newer versions of airflow have a different HTML title, use different URLs, and have slightly different post-auth page content.

If there is a better way to combine these templates instead, please let me know.

Template Validation

I've validated this template locally?

• YES
• NO

Additional Details (leave it blank if not applicable)

$ nuclei -duc -debug -t http/default-logins/apache/airflow-v3-default-login.yaml -u http://192.168.40.254:8080

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.4.4

                projectdiscovery.io

[WRN] Setting thread count to 0 for 1 templates, dynamic extractors are not supported with payloads yet
[INF] Current nuclei version: v3.4.4 (unknown) - remove '-duc' flag to enable update checks
[INF] Current nuclei-templates version: v10.2.2 (unknown) - remove '-duc' flag to enable update checks
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 88
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[INF] [airflow-v3-default-login] Dumped HTTP request for http://192.168.40.254:8080/auth/login/

GET /auth/login/ HTTP/1.1
Host: 192.168.40.254:8080
User-Agent: Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
Connection: close
Origin: http://192.168.40.254:8080
Accept-Encoding: gzip

[DBG] [airflow-v3-default-login] Dumped HTTP response http://192.168.40.254:8080/auth/login/

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Jun 2025 04:37:41 GMT
Expires: 0
Pragma: no-cache
Server: uvicorn
Set-Cookie: session=1149a726-20e4-49f8-b9cf-47ab3e5cc1d3.7LhO3kLzD36T3LlKwhP46pVYFwI; Expires=Sun, 13 Jul 2025 04:37:42 GMT; HttpOnly; Path=/
Vary: Accept-Encoding

<!-- extend base layout -->





  


<!DOCTYPE html>
<html>
  <head>
    <title>Airflow
</title>

    ...




    
    
  </body>
</html>
[INF] [airflow-v3-default-login] Dumped HTTP request for http://192.168.40.254:8080/auth/login/

POST /auth/login/ HTTP/1.1
Host: 192.168.40.254:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.3 Safari/605.1.15
Connection: close
Content-Length: 137
Content-Type: application/x-www-form-urlencoded
Cookie: session=1149a726-20e4-49f8-b9cf-47ab3e5cc1d3.7LhO3kLzD36T3LlKwhP46pVYFwI
Origin: http://192.168.40.254:8080
Referer: http://192.168.40.254:8080/auth/login
Accept-Encoding: gzip

username=airflow&password=airflow&_csrf_token=ImEwY2EwOTY2ODVjODk5ZjhhZGM3M2JmMDg5YmZhNjU5YzI4NTI2NjYi.aEurFg.BvfQNdfjDt-yW9gEvQpLQf19vCc
[DBG] [airflow-v3-default-login] Dumped HTTP response http://192.168.40.254:8080/auth/login/

HTTP/1.1 302 Found
Connection: close
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Jun 2025 04:37:41 GMT
Expires: 0
Location: /auth/
Pragma: no-cache
Server: uvicorn
Set-Cookie: session=df70ba0f-46ff-4fd5-b677-7d61fe978bb7.CsxjlqVdakh3XKFoB9J5v0A3B-8; Expires=Sun, 13 Jul 2025 04:37:43 GMT; HttpOnly; Path=/
Vary: Accept-Encoding

<!doctype html>
<html lang=en>
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to the target URL: <a href="/auth/">/auth/</a>. If not, click the link.
[airflow-v3-default-login:dsl-1] [http] [high] http://192.168.40.254:8080/auth/login/ [password="airflow",username="airflow"]
[airflow-v3-default-login:word-2] [http] [high] http://192.168.40.254:8080/auth/login/ [password="airflow",username="airflow"]
[INF] Scan completed in 384.473041ms. 2 matches found.

[princechaddha]

Automated PR Review (Experimental)

---

Thank you for your contribution! I've reviewed the PR, and here are some suggestions for improvement:

1. Template Structure: Ensure that the id in airflow-v3-default-login.yaml should ideally be more descriptive and consistent with the naming conventions used in the repository. Consider changing it to something like apache-airflow-v3-default-login.

2. Duplicate References: The reference link provided in both templates points to the same location. Ensure that this reference is valid and leads to a unique resource that explains the vulnerabilities found in both versions of Apache Airflow.

3. Matcher Condition Consistency: In the airflow-default-login.yaml, the matchers are correctly using matchers-condition: and. Ensure that the same is used throughout new templates for consistency.

4. Extractors: In both templates, the indentation for regex under extractors is off. Ensure that the items listed under regex have proper indentation to follow YAML structure.

5. Non-functional Validations: Ensure that all keys are consistently capitalized (e.g., change max-request to max_requests to align with common naming conventions).

6. Unused Comments: The commented-out digest in the new file should be removed if it's not going to be utilized, as keeping unnecessary comments can create confusion.

7. End of File: Add a newline at the end of airflow-v3-default-login.yaml to comply with best practices for YAML formatting.

You can join our discord server. It's a great place to connect with fellow contributors and stay updated with the latest developments. Thank you once again.

Please note that I am an AI Template bot which is still experimental and the team will review the PR shortly.