Skip to content
/ GrafanaDirInclusion Public

Script to demonstrate the Grafana directory traversal exploit (CVE-2021-43798).

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Jroo1053/GrafanaDirInclusion

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
src
src
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
README.md
README.md
 
 
UNLICENSE
UNLICENSE
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Grafana CVE-2021-43798 Exploit Script

Script to demonstrate the Grafana directory traversal exploit (CVE-2021-43798) that affects Grafana versions 8.0.0-beta1 through 8.3.0. Primarily used for a demonstration in a CTF. Written in python with standard library modules only. Only use this for legitimate purposes e.g testing and CTFs please.

Installation

wget https://raw.githubusercontent.com/Jroo1053/GrafanaDirInclusion/master/exploit.py

Usage

usage: exploit.py [-h] -u TARGET_URL -p TARGET_PORT [-o OUTPUT_FILE] -f TARGET_FILE

Grafana CVE-2021-43798 (File Read Exploit)

optional arguments:
  -h, --help      show this help message and exit
  -u TARGET_URL   Target URL
  -p TARGET_PORT  Target Port
  -o OUTPUT_FILE  Output File
  -f TARGET_FILE  Remote File To Read

About

Script to demonstrate the Grafana directory traversal exploit (CVE-2021-43798).

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages