CVE-2024-24401 PoC — Nagios XI SQL Injection Vulnerability

Source
Associated Vulnerability
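Title: Nagios XI SQL Injection Vulnerability (CVE-2024-24401)
Description: Nagios XI is an IT infrastructure monitoring solution from Nagios, a US company. It supports monitoring and alerting for applications, services, operating systems, and more. Nagios XI version 2024R1.01 contains a SQL injection vulnerability that allows a remote attacker to execute arbitrary code via a crafted payload sent to the monitoringwizard.php component.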
Description
Auto exploitation tool for CVE-2024-24401. 
Readme
## Vulnerability Report

CVE discovered by: Jarod Jaslow (MAWK)

(DESIGNED TO BE RUN ON KALI LINUX)

### Vulnerability Details:

- **Endpoint:** `/nagiosxi//config/monitoringwizard.php` Nagios XI Version 2024R1.01
- **Vulnerability Type:** Authenticated SQL Injection
- **Exploitation Result:** Admin account creation and full remote code execution

### Steps to Reproduce:

1. Create a fresh instance of Nagios XI Version 2024R1.01.
![Pasted image 20240118113507](https://github.com/MAWK0235/NagiosSQLI-CVE-2024-24401/assets/90433993/85fb6873-4066-4927-9f77-96186ed59842)

![Pasted image 20240118113528](https://github.com/MAWK0235/NagiosSQLI-CVE-2024-24401/assets/90433993/5a77e286-5bba-4af4-8c6f-c326011282a2)

![Pasted image 20240118113539](https://github.com/MAWK0235/NagiosSQLI-CVE-2024-24401/assets/90433993/a57ef105-1a10-4d36-a6d4-5e9049e42929)


![Pasted image 20240118113554](https://github.com/MAWK0235/NagiosSQLI-CVE-2024-24401/assets/90433993/22518efd-ceee-48ce-b8ee-7fcb3157e9b8)


3. Create a user with minimum permissions.
![Pasted image 20240118113548](https://github.com/MAWK0235/NagiosSQLI-CVE-2024-24401/assets/90433993/1448fbfb-7c12-4e05-b26b-6baf57edfecf)

5. Start a local listener on the attacker machine using netcat: `nc -nlvp 4444`.
6. Execute the provided Python script with the correct arguments:
    ```
    python3 MawkiNagiosXIPOC.py <target IP> <Local Listening IP> <NC listening port>
    ```
![Pasted image 20240118113632](https://github.com/MAWK0235/NagiosSQLI-CVE-2024-24401/assets/90433993/cdae41df-e0b3-4c03-92ea-0feb39b670ad)

### Proof of Concept:

Attached is the Python script demonstrating the vulnerability.

### Recommendation:

To mitigate the risk of SQL injection, it is strongly advised to use parameterized queries or prepared statements when interacting with databases. Parameterized queries ensure that user input is treated as data, not executable code, making it much more difficult for attackers to inject malicious SQL statements.

This should be mitigated in recent updates.
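
For defenders checking whether the endpoint named above was probed before patching, the following is an added example (not part of the original README or the PoC) that triages web access logs for requests to `monitoringwizard.php` carrying SQL-injection indicators. The log format (combined), the indicator list, the sample lines and the parameter names `step` and `field` are assumptions made for illustration.

```python
import re
from urllib.parse import unquote_plus

# Endpoint from the report, with duplicate slashes collapsed for comparison.
TARGET_PATH = "/nagiosxi/config/monitoringwizard.php"
# Generic SQL-injection indicators (assumption: the page publishes no payload).
SQLI_TOKENS = re.compile(
    r"'|;|--|/\*|\b(union|select|sleep|benchmark)\b", re.IGNORECASE)
# Combined log format: client IP, ident, user, [time], "METHOD URI PROTO", status.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "[A-Z]+ (?P<uri>\S+) [^"]*" \d{3}')

def fully_decode(value, max_rounds=3):
    """URL-decode repeatedly so double-encoded input such as %2527 is still seen."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(lines):
    """Return (ip, time, decoded_query) for wizard requests carrying SQL tokens."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        raw_path, _, raw_query = m["uri"].partition("?")
        # Collapse "//" so the path form written in the report is not missed.
        path = re.sub(r"/{2,}", "/", fully_decode(raw_path))
        query = fully_decode(raw_query)
        if path == TARGET_PATH and SQLI_TOKENS.search(query):
            hits.append((m["ip"], m["time"], query))
    return hits

# Constructed sample lines; "step" and "field" are placeholder parameter names.
SAMPLE_LOG = [
    '198.51.100.7 - - [18/Jan/2024:11:30:02 +0000] "GET /nagiosxi/config/monitoringwizard.php?step=2&field=localhost HTTP/1.1" 200 5120',
    '203.0.113.50 - - [18/Jan/2024:11:36:31 +0000] "GET /nagiosxi//config/monitoringwizard.php?step=2&field=x%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 812',
    '203.0.113.50 - - [18/Jan/2024:11:36:40 +0000] "GET /nagiosxi/config/monitoringwizard.php?step=2&field=x%2527%2520OR%25201%253D1 HTTP/1.1" 200 812',
    '198.51.100.9 - - [18/Jan/2024:11:40:12 +0000] "GET /nagiosxi/login.php?redirect=it%27s HTTP/1.1" 200 1400',
]

if __name__ == "__main__":
    for ip, when, query in suspicious_requests(SAMPLE_LOG):
        print(f"{when} {ip} -> {query}")
```

Access logs record only the request line, so this covers query strings; request bodies need WAF or application-level logging. Because the issue is authenticated, correlate any hits with session and user-creation audit records.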

CVE:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-24401




File Snapshot

[4.0K] /data/pocs/33703a3ac7f12f04ec271764ec4574e92a9d99a8
├── [ 10K] MawkNagiosXIPOC.py
└── [2.1K] README.md

0 directories, 2 files