You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
Nagios xi metasploit. 0 when uploading plugins.
- Nagios xi metasploit. A further check is then done to see if the target is a version prior to 5. 6-5. The module achieves this by cr This page contains detailed information about how to use the exploit/unix/webapp/nagios_graph_explorer metasploit module. 5 the commands are run as root. Apr 8, 2024 · This was a Linux machine that required to find credentials hidden in an image file and exploiting a vulnerability in Nagios XI to escalate. . 5 as the apache user. This page contains detailed information about how to use the exploit/linux/http/nagios_xi_magpie_debug metasploit module. Apr 1, 2021 · Valid credentials for a Nagios XI admin user are required. 0 through 5. Check for Nagios XI exploits with Searchsploit May 30, 2022 · Community member Erik Wynter has contributed two more Nagios XI modules this week, on top of the [previous week s contributions] ()! If you ve noticed Nagios XI 5. May 12, 2022 · Steps to reproduce How'd you do it? Start up the Docker container docker run -p 80:80 tgoetheyn/docker-nagiosxi and configure it use linux/http/nagios_xi_autodiscovery_webshell set httptrace true set your values and run Confirm that you Metasploit Framework. 5 is affected by OS command injection. 4. When combined, these two vulnerabilities give us a root reverse shell. For list of all metasploit This page contains detailed information about how to use the exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce metasploit module. Cisco Secure Network Analytics vs Nagios XI. 13, the command Jun 26, 2019 · Nagios XI 5. CVE-2019-15949 . 5) to spawn a root shell - jakgibb/nagiosxi-root-rce-exploit Feb 28, 2023 · Metasploit Module Metasploit is an open source attack framework that security professionals use to exploit vulnerabilities, often during a testing scenario such as a penetration test. For list of all metasploit modules, visit the Metasploit Module Library. 6 information is located in the bottom-left corner. Vulners / Metasploit / Nagios XI Chained Remote Code Execution Online Exploit details for "Nagios XI - Authenticated Remote Command Execution (Metasploit)" Metasploit Framework. For list of all metasploit modules, visit Metasploit Framework. Note that versions prior to 5. Feb 14, 2022 · This Metasploit module exploits a path traversal issue in Nagios XI before version 5. POC which exploits a vulnerability within Nagios XI (5. Apr 8, 2025 · Nagios Xi 5. 0 will still be marked as being vulnerable however this Aug 13, 2021 · A path traversal vulnerability exists in Nagios XI below version 5. 6. CVE-83552 . webapps exploit for PHP platform Metasploit Framework. 6 RCE Nessus plugin (154935) including list of exploits and PoCs found on GitHub, in Metasploit or Exploit-DB. 6 and therefore vulnerable. Jan 14, 2021 · Nagios XI 5. This module provides a way of interacting with Nagios XI installations The module detects the version of Nagios XI running on a target and suggests matching exploit modules based on the version number. Module Options To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced': Detailed information about the Nagios XI < 5. 0-5. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. php due to impr Jun 26, 2019 · Nagios XI 5. 12. Jun 27, 2016 · This module exploits an SQL injection, auth bypass, file upload, command injection, and privilege escalation in Nagios XI <= 5. For list of all metasploit modules Boolean indicating if the module should finish installing Nagios XI on target hosts if the installation hasn't been completed or the license agreement is not signed Metasploit Framework. 12 - Chained Remote Code Execution (Metasploit). 13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability. The path traversal allows a remote and authenticated administrator to upload a PHP web shell and execute code as `www-data`. When combined, these two vulnerabilities allow e Network Enumeration Steganography CVE-2019-15949 - Nagios XI Metasploit (nagios_xi_authenticated_rce) NagiosXI may store credentials of the hosts it monitors. org/discordIf you would like to support me, please like, comment & subscribe, and check me out on Pat Apr 14, 2021 · This module exploits a vulnerability in the getprofile. Successful exploitation allows an authenticated admin user to achieve remot Metasploit Framework. Use searchsploit to check the Exploit-DB database if there’s an exploit available for this version of Nagios XI. php page of Nagios XI versions prior to 5. Mar 18, 2021 · The module detects the version of Nagios XI applications and suggests matching exploit modules based on the version number. 7 to pop a root shell. Base your decision on 12 verified peer reviews, ratings, pros & cons, pricing, support and more. x through 5. When used to target a specific host, the module requires valid Jul 2, 2018 · Nagios XI 5. 6: CVE-2018-15708 which allows for unauthenticated remote code execution and CVE-2018-15710 which allows for local privilege escalation. Oct 20, 2020 · Module Options To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced': Jul 4, 2023 · Nagios XI 5. For versions 5. 12 - Chained Remote Code Execution - Gain remote root access by exploiting vulnerabilities, including SQL injection and command injection. 6 - Authenticated Remote Code Execution (RCE). This module exploits an SQL injection, auth bypass, file upload, command injection, and privilege escalation in Nagios XI to pop a root shell. 5 (CVE-2021-37343). m. php and the session cookies Aug 3, 2020 · The correct Nagios XI admin console This page looks more like it! The Nagios version 5. When combined, these two vulnerabilities allow e Network Enumeration Steganography CVE-2019-15949 - Nagios XI Metasploit (nagios_xi_authenticated_rce) Mar 18, 2021 · The module detects the version of Nagios XI applications and suggests matching exploit modules based on the version number. php Root Remote Code Execution (Metasploit). 5 - ConfigWizards Authenticated Remote Code Execution module exploits OS command injection vulnerabilities in the windowswmi, switch, and cloud-vm configuration wizards, allowing authenticated users to perform remote code execution on Nagios XI versions 5. CVE-2020-35578 . 6 in order to execute arbitrary commands as root. We created an exploit module for the three CVEs, named nagios_xi_configwizards_authenticated_rce. 3 running on CentOS 7. One allows for unauthenticated remote code execution and another allows for local privilege escalation. For list of all metasploit modules, visit Detailed information about the Nagios XI 5. CVE-2018-15710CVE-2018-15708 . webapps exploit for Multiple platform May 1, 2018 · Cale Smith, Benny Husted, Jared AraveMSF:EXPLOIT-LINUX-HTTP-NAGIOS_XI_CHAINED_RCE_2_ELECTRIC_BOOGALOO- HistoryMay 01, 2018 - 2:20 a. Valid credentials for a Nagios XI admin user are required. remote exploit for Linux platform This page contains detailed information about how to use the exploit/linux/http/nagios_xi_autodiscovery_webshell metasploit module. 6 to 5. x before 5. The module uploads a malicious plugin to the Nagios XI server and then executes this plugin by issuing an HTTP GET request to download a system profile from the server. The module achieves this by creating Aug 21, 2019 · A user logged into Nagios XI with permissions to modify plugins, or the 'nagios' user on the server,can modify the ‘check_plugin’ executable and insert malicious commands exectuable as root. remote exploit for Unix platform Metasploit Framework. Jun 29, 2018 · Nagios XI Chained Remote Code Execution - Gain remote root access by exploiting vulnerabilities in Nagios XI 5. Aug 5, 2025 · Information Technology Laboratory National Vulnerability DatabaseVulnerabilities Mar 29, 2021 · The Nagios XI or Nagios Core is a free and open-source computer-software application that monitors systems, networks, and infrastructure. 2. Detailed information about how to use the auxiliary/scanner/http/nagios_xi_scanner metasploit module (Nagios XI Scanner) with examples and msfconsole usage snippets. CVE-2018-8736CVE-2018-8735CVE-2018-8734CVE-2018-8733 . php Root Remote Code Execution (Metasploit) exploits two vulnerabilities in Nagios XI 5. 0, as these versions are not supported at this time Oct 20, 2020 · Module Options To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced': Jul 29, 2019 · This module exploits a vulnerability in Nagios XI before 5. Nagios XI Exploit, Authenticated Remote Command Execution (Metasploit) Go Back Download Feb 15, 2021 · Description Nagios XI version xi-5. The module supports linux/x64 and linux/x86 payloads (target 0) as well as cmd/unix payloads (target 1), However, the only reliable cmd/unix payloads against a typical Nagios XI host (CentOS 7 minimal) seem to be cmd/unix/reverse_perl_ssl and cmd/unix/reverse_openssl. 13, the commands are run as the nagios user. Contribute to rapid7/metasploit-framework development by creating an account on GitHub. 7 Metasploit Module. When used to target a specific host, the module requires valid Mar 10, 2020 · The module uploads a malicious plugin to the Nagios XI server and then executes this plugin by issuing an HTTP GET request to download a system profile from the server. com/2021/09/21/blog-research-securing-network-management-systems-nagios-xi/ Jun 26, 2019 · This Metasploit module exploits two vulnerabilities in Nagios XI 5. This module extracts these credentials, 17 Mar 10, 2020 · 2020-03-10 "Nagios XI - Authenticated Remote Command Execution (Metasploit)" remote exploit for linux platform Metasploit Framework. remote exploit for Linux platform Jul 6, 2016 · Nagios XI Chained - Remote Code Execution (Metasploit). 8. php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server. Includes SQLi, API key enumeration, adding administrative user, authenticated session establishment, and command injection Show more Apr 1, 2021 · This module exploits a command injection vulnerability (CVE-2020-35578) in the /admin/monitoringplugins. X - Remote Code Execution RCE (Authenticated). Feb 7, 2023 · Nagios XI 5. This module extracts these credentials, creating opportunities for lateral movement. Feb 5, 2022 · This module exploits a path traversal issue in Nagios XI before version 5. Metasploit Framework. Jul 29, 2019 · This module exploits a vulnerability in the getprofile. 0 to 5. This may not work if Nagios XI is Feb 9, 2023 · This Metasploit module exploits CVE-2021-25296, CVE-2021-25297, and CVE-2021-25298, which are OS command injection vulnerabilities in the windowswmi, switch, and cloud-vm configuration wizards that allow an authenticated user to perform remote code execution on Nagios XI versions 5. If authentication succeeds, nagios_xi_login returns # an array containing the http response body of a get request to index. php Root Remote Code Execution (Metasploit)" remote exploit for linux platform Apr 2, 2021 · Additionally a scanner module has been added which will scan Nagios XI installations and try to detect the version installed. 3 in admin/mibs. 5. The module achieves this by creating an autodiscovery job with an `id` field containing a path traversal to a writable and remotely accessible directory, and `custom_ports Metasploit Framework. Once the version of Nagios XI has been obtained, it will then suggest exploits in Metasploit that can be used to exploit that version of Nagios XI, if any exploits are available. Jul 27, 2019 · NagiosXI may store credentials of the hosts it monitors. 5 Command Injection Nessus plugin (157377) including list of exploits and PoCs found on GitHub, in Metasploit or Exploit-DB. Feb 6, 2023 · Improve NagiosXI authenticated exploit modules to increase resilience and for use with Autocheck disabled #17606 Dec 9, 2012 · Nagios XI Network Monitor Graph Explorer Component - Command Injection (Metasploit). This module has been successfully tested against Nagios XI 5. Set database user to root, add admin user using API keys, establish authenticated session, execute payload with sudo, and reset the database user Apr 14, 2021 · This Metasploit module exploits a vulnerability in the getprofile. 6 in order to upload a malicious check_ping plugin and thereby execute arbitrary commands. 5 AutoDiscovery component and could lead to post authenticated RCE under security context of the user running Nagios. Hang with our community on Discord! https://johnhammond. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch. 0 when uploading plugins. php that enables an authenticated user with admin privileges to achieve remote code execution as either the Metasploit Framework. 5 as the apache user Metasploit Framework. Since Nagios XI applications only reveal the version to authenticated users, valid credentials for a Nagios XI account are re Jun 25, 2019 · This module exploits two vulnerabilities in Nagios XI <= 5. sh script of Nagios XI prior to 5. Apr 23, 2021 · Community member Erik Wynter has contributed two more Nagios XI modules this week, on top of the previous week’s contributions! Learn about the updates! The module's check method takes advantage of the Msf::Exploit::Remote::HTTP::NagiosXi mixin in order to authenticate to the target and obtain the Nagios XI version number, which is then used to check if the target is Nagios XI prior to 5. 6 through 5. The path traversal allows a remote and authenticated administrator to upload a PHP web shell and execute code as www-data. # Use nagios_xi_login to try and authenticate. 5 running within your target s infrastructure during a pen test, be sure to check both these new modules out as well as the previous week s contributions, as they provide both authenticated and unauthenticated remote code Nagios XI is the enterprise version of Nagios, the monitoring software we love and hate. Contribute to freddiebarrsmith/Nagios-XI-5. Feb 9, 2023 · This Metasploit module exploits CVE-2021-25296, CVE-2021-25297, and CVE-2021-25298, which are OS command injection vulnerabilities in the windowswmi, switch, and cloud-vm configuration wizards that allow an authenticated user to perform remote code execution on Nagios XI versions 5. 7-Metasploit-Module development by creating an account on GitHub. It offers to monitor and alerting services for servers, switches, applications, and services. Jul 2, 2018 · Nagios XI 5. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target This page contains detailed information about how to use the exploit/linux/http/nagios_xi_snmptrap_authenticated_rce metasploit module. inc. sh script of Nagios XI versions prior to 5. Nagios XI 5. remote exploit for Linux platform Apr 18, 2018 · Authentication bypass vulnerability in the core config manager in Nagios XI 5. Starting with manual web enumeration, I ident Detailed information about how to use the exploit/linux/http/nagios_xi_chained_rce metasploit module (Nagios XI Chained Remote Code Execution) with examples and The module detects the version of Nagios XI running on a target and suggests matching exploit modules based on the version number. Module Options To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced': Apr 1, 2021 · Valid credentials for a Nagios XI admin user are required. Feb 15, 2021 · Description Nagios XI version xi-5. 5 is susceptible to authenticated remote command injection. 6: CVE-2018-15708 for unauthenticated remote code execution and CVE 2018–15710 for local privilege escalation Apr 19, 2021 · This Metasploit module exploits CVE-2020-5791, an OS command injection vulnerability on Nagios XI versions 5. 13, the commands are run as the nagios user Based off of work by Team82: https://claroty. This module exploits an SQL injection, auth bypass, file upload, command injection, and privilege escalation in Nagios XI <= 5. 7. Jul 15, 2021 · This module exploits a path traversal issue in Nagios XI before version 5. 6 - Magpie_debug. The module takes advantage of the Msf::Exploit::Remote::HTTP::NagiosXi mixin in order to authenticate to the target and obtain the version number, which is only revealed to authenticated users. NEW: CVE-2021-25296 Nagios XI version xi-5. For Nagios XI 5. Detailed information about how to use the exploit/linux/http/nagios_xi_chained_rce metasploit module (Nagios XI Chained Remote Code Execution) with examples and In this ethical hacking tutorial, I demonstrate a full attack chain on Nagios XI, a popular IT monitoring tool. 2019-06-26 "Nagios XI 5. 2fphftty cp acmgxct ztb szbep lgcb g3juxtw mjihl ywk1aw kbgahf4