关联漏洞
标题:
Grafana 路径遍历漏洞
(CVE-2021-43798)
描述:Grafana是Grafana实验室的一套提供可视化监控界面的开源监控工具。该工具主要用于监控和分析Graphite、InfluxDB和Prometheus等。 Grafana 8.0.0-beta1至8.3.0存在路径遍历漏洞,攻击者可利用该漏洞执行目录遍历攻击,访问本地文件。
描述
Grafana Arbitrary File Reading Vulnerability
介绍
# GrafanaArbitraryFileRead
## Usage
### 1. show info
```bash
❯ go run main.go -s
[INF] VulnInfo:
{
"Name": "Grafana Arbitrary File Read",
"VulID": "nil",
"Version": "1.0",
"Author": "z3",
"VulDate": "2021-12-07",
"References": [
"https://nosec.org/home/detail/4914.html"
],
"AppName": "Grafana",
"AppPowerLink": "https://grafana.com/",
"AppVersion": "Grafana Version 8.*",
"VulType": "Arbitrary File Read",
"Description": "An unauthorized arbitrary file reading vulnerability exists in Grafana, which can be exploited by an attacker to read arbitrary files on the host computer without authentication.",
"Category": "REMOTE",
"Dork": {
"Fofa": "app=\"Grafana\"",
"Quake": "",
"Zoomeye": "",
"Shodan": ""
}
}%
```
### 2. verify
```bash
echo vulfocus.fofa.so:55628 | go run main.go -v -t 20
http://vulfocus.fofa.so:55628
```
### 3. exploit
```bash
echo http://vulfocus.fofa.so:51766 | go run main.go -m exploit -v
```
Realization of the utilization idea in reference 1. To extract more information please modify the regular in the getAccesskey function.
## Reference
1. [grafana最新任意文件读取分析以及衍生问题解释](https://mp.weixin.qq.com/s/dqJ3F_fStlj78S0qhQ3Ggw)
2. [Grafana Unauthorized arbitrary file reading vulnerability](https://github.com/jas502n/Grafana-VulnTips)
## Disclaimer
This procedure is for security self-inspection only, please consciously comply with local laws.
文件快照
[4.0K] /data/pocs/9012767beec75dd49bdc72d834029e390b89790e
├── [ 501] go.mod
├── [4.3K] go.sum
├── [ 11K] main.go
└── [1.5K] README.md
0 directories, 4 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。