We will start here:
As you can see, I downloaded the OVA file with the latest Nagios (5.6.9) and, after a while (with VirtualBox), we are ready to start Burp. Our goal for today: find XSS bug(s) available to a normal/registered user.
TL;DR ;)
#01: parameter: host:
Results:
Cool. Let's "show response in browser":
Next I tried to check the source code to find something 'similar' to the host parameter.
So we should be somewhere here:
Next:
I decided to follow the host parameter:
More:
...and more...
...and we landed here:
Checking:
Yep. So what about next param? ;)
#02: parameter: hostgroup:
Similar scenario.
Next...
#03: parameter: servicegroup:
Can you see any pattern here? ;)
Next...
#04: parameter: hour:
Response:
Our new report:
The frequency parameter is also vulnerable to this attack.
Now our new 'scheduled report' is available to us:
... as well as for the (nagios)admin user, check it out:
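As an added illustration (not Nagios XI code, and not from the author of this post), here is what the fix for the parameters above looks like on the server side: the free-text names (host, hostgroup, servicegroup) are HTML-encoded at the point where the report is rendered, and hour/frequency are validated as the numeric/enumerated values they are before being stored. Parameter names come from the post; the table-cell rendering context and the frequency allowlist are assumptions.

```php
<?php
// Hypothetical validation for scheduled-report parameters (not Nagios XI code).

function clean_report_params(array $input): array {
    $out = [];
    // Free-text values: store as-is, but they must never reach HTML unencoded.
    foreach (['host', 'hostgroup', 'servicegroup'] as $name) {
        $out[$name] = isset($input[$name]) ? (string) $input[$name] : '';
    }
    // hour is numeric by nature: reject anything that is not an int in 0..23.
    $hour = filter_var($input['hour'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 23]]);
    if ($hour === false) {
        throw new InvalidArgumentException('hour must be an integer between 0 and 23');
    }
    $out['hour'] = $hour;
    // frequency is an enumerated choice: compare against an allowlist
    // (the set of values is an assumption; Nagios XI's actual options may differ).
    $allowed = ['daily', 'weekly', 'monthly'];
    $freq = (string) ($input['frequency'] ?? '');
    if (!in_array($freq, $allowed, true)) {
        throw new InvalidArgumentException('frequency must be one of: ' . implode(', ', $allowed));
    }
    $out['frequency'] = $freq;
    return $out;
}

// HTML-context output encoding; ENT_QUOTES also covers attribute contexts.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern (what the post observes): the stored value is echoed raw,
// so a report created by a normal user executes when the admin views the list.
function render_report_row_vulnerable(array $p): string {
    return '<tr><td>' . $p['host'] . '</td><td>' . $p['hostgroup'] . '</td></tr>';
}

// Hardened pattern: encode every stored value at the output point.
function render_report_row_safe(array $p): string {
    return '<tr><td>' . h($p['host']) . '</td><td>' . h($p['hostgroup']) . '</td></tr>';
}

// Constructed sample: a host name containing a tag is kept as data, not markup.
$params = clean_report_params(['host' => '<b>web01</b>', 'hostgroup' => 'linux',
    'servicegroup' => 'http', 'hour' => '3', 'frequency' => 'daily']);
echo render_report_row_safe($params), "\n"; // &lt;b&gt;web01&lt;/b&gt; is rendered as text
```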
Maybe you'll find it useful. ;)
You'll find more bugs described here. In case you liked it - remember that now you have a donate button (right on top). ;)
See you next time!
Cheers