CVE-2021-43798 PoC — Grafana 路径遍历漏洞

介绍

# Grafana CVE 2021-43798

Grafana Unauthorized arbitrary file reading vulnerability **CVE-2021-43798**

## deps

```
python3 -m pip install -r requirements.txt

or 

pipenv install -r requirements.txt

```
# Dorks

![shoot_shodan.png](shoot_shodan.png)
* Dorks (Shodan | Google)
  - [Google Dorks](google-dorks.txt)
  - [Shodan Dorks](shodan-dork.txt)


# Usage

* Targets without / at the end. And without http:// or https://
  - Example of targets.txt file

```
target.com
example.com
foo.gov
xpto.com.de
```


```

usage: tool [-h] [--file <hostnames.txt>] [--range <ip-start>,<ip-end>] [--single SINGLE]

optional arguments:
  -h, --help                   show this help message and exit
  --file <hostnames.txt>       Input your target host lists
  --range <ip-start>,<ip-end>  Set range IP Eg.: 192.168.15.1,192.168.15.100
  --single <target>            Only one target
```

# PoC
![poc.gif](poc.gif)

## Features
- Range of ips with --range Eg: python3 main.py --range 192.168.0.1,192.168.1.253
- List of hostnames --file Eg: python3 main.py --file hostnames.txt
- Test single target --single Eg: python3 main.py --single example.com:3000

## References

[https://github.com/jas502n/Grafana-CVE-2021-43798](https://github.com/jas502n/Grafana-CVE-2021-43798)

## LOOK HERE

```
+------------------------------------------------------------------------------+
|  [!] Legal disclaimer: Usage of this tool for attacking                      |
|  targets without prior mutual consent is illegal.                            |
|  It is the end user's responsibility to obey all applicable                  | 
|  local, state and federal laws.                                              |
|  Developers assume no liability and are not responsible for any misuse or    |
|  damage caused by this program                                               |
+------------------------------------------------------------------------------+

```

Bye!

![bye-rui.gif](bye-rui.gif)

文件快照

备注