← All tools

grafanaExp

https://github.com/A-D-Team/grafanaExp

Free

Categories

Exploitation

Description

A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins / extract secret_key / decrypt data_source info automatic.

Keywords

cve-2021-43798 exploit grafana go

Example Usage

➜  ./grafanaExp -h
NAME:
   grafanaExp - Exploit Grafana with CVE-2021-43798 Arbitrary File Read.

USAGE:
   grafanaExp [global options] command [command options] [arguments...]

AUTHOR:
   A&D-Team

COMMANDS:
   exp      -u [url] -p [plugin] -c [config] -d [db] -k [key]
   decode   decode -f [dbfile] -k [key]
   help, h  Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --help, -h  show help (default: false)