Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-23131 PoC — Zabbix 安全漏洞

Source
https://github.com/Mr-xn/cve-2022-23131
Associated Vulnerability
Title:Zabbix 安全漏洞 (CVE-2022-23131)
Description:Zabbix是拉脱维亚Zabbix公司的一套开源的监控系统。该系统支持网络监控、服务器监控、云监控和应用监控等。 Zabbix 存在安全漏洞,该漏洞源于在启用 SAML SSO 身份验证(非默认)的情况下,恶意行为者可以修改会话数据,因为存储在会话中的用户登录未经过验证。 未经身份验证的恶意攻击者可能会利用此问题来提升权限并获得对 Zabbix 前端的管理员访问权限。
Description
cve-2022-23131 zabbix-saml-bypass-exp
Readme
# cve-2022-23131
cve-2022-23131 zabbix-saml-bypass-exp


1. replace [zbx_signed_session] to  [cookie] 


<img width="1384" alt="image-20220218164224691" src="https://user-images.githubusercontent.com/18260135/154678436-8dd97076-2c4b-459d-90f0-2f7dc36156ed.png">

2. sign in with Single Sign-On (SAML)

<img width="1189" alt="image-20220218164332289" src="https://user-images.githubusercontent.com/18260135/154678517-634f3ab2-c9fc-43a4-9b12-e1f67b00ac57.png">


author: @random-robbie、@jweny and @Mr-xn  
link: https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage
File Snapshot

 [4.0K]  /data/pocs/d837e99b1b6f7e667673561d18f8ef9c496a87c8
├── [ 586]  README.md
└── [4.1K]  zabbix_session_exp.py

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.