Forked from https://github.com/pedrohavay/exploit-grafana-CVE-2021-43798
Updated to decrypt everything in the secure_json_data
field of the DB, and to print out the relevant data.
This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798).
This vulnerability affects Grafana 8.0.0-beta1 to 8.3.0
.
According to Shodan data, there are just over 2,000 Grafana servers exposed online, with the majority residing in the US and Europe, as can be seen in the figure below.
For more information:
@pedrohavay and @acassio22
This project is created only for educational purposes and cannot be used for law violation or personal gain.
The author of this project is not responsible for any possible harm caused by the materials of this project.
git clone https://github.com/pedrohavay/exploit-grafana-CVE-2021-43798
cd exploit-grafana-CVE-2021-43798
python -m venv venv
source venv/bin/activate
pip install -r requirements.txt
-
Collect all Grafana URLs in a single file. Default:
targets.txt
-
Use the script
python3 exploit.py
- Python 3
- SQLite3