CVE-2021-41277

Metabase_CVE-2021-41277 Description Metabase is an open source data analytics platform In affected versions a security issue has been discovered with the custom GeoJSON map (admin->settings->maps->custom maps->add a map) support and potential local file inclusion (including environment variables) URLs were not validated prior to being loaded This

CVE-2021-41277 Usage 1 show help info ~/CVE-2021-41277 ❯ go run maingo -h Usage of main: -f string File containing list of targets to verfity -o string File to write output to (optional) -s Show VulnInfo output -t int Number of concurrent goroutines for resolving (default 10) -u string Target to verfity CVE-2

simple program for exploit metabase

CVE-2021-41277 simple program for exploit metabase #install gem install httparty gem install colorize gem install timeout ruby CVErb

CVE-2021-41277 can be extended to an SSRF

CVE-2021-41277_SSRF CVE-2021-41277 can be extended to an SSRF Description Metabase is an open source data analytics platform Metabase versions < 0405 were affected by CVE-2021-41277 which led to local file inclusion according to the CVE description While analyzing the finding described in Metabase Security Advisory and diffing the code, it seemed that it can be exte

Metabase GeoJSON map local file inclusion

CVE-2021-41277 Metabase GeoJSON map local file inclusion Version: (x400-x404) Usage : chmod -x CVE-2021-41277sh /CVE-2021-41277sh ip:port/ /etc/passwd References cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2021-41277

l9explore - Digs the dirt

l9explore l9explore is a plugin based tool doing deep exploration on a wide range of protocols It can be used to expose leaks, misconfigurations and vulnerabilities on any IP network It is the last layer in the l9 tool suite Features Deep protocol exploration Plugin based system Low memory/CPU footprint Multistage (WIP) Current plugins Plugin Protocols Stage Descripti

plugin made for LeakiX

CVE-2021-41277 plugin made for LeakiX

Metabase 任意文件读取

Metabase-cve-2021-41277 Metabase 任意文件读取 optional arguments: -h, --help show this help message and exit -u url, --url url Target url eg:"127001" -f file, --file file Targets in file eg:"iptxt" Use eg1:>>>python3 Metabase-cve-2021-41277py -u 127001 eg2:>>>python3 Metabase-cve-2021-4127

MetaBase 任意文件读取漏洞 fofa批量poc

CVE-2021-41277 MetaBase 任意文件读取漏洞 fofa批量poc 声明 本poc仅用于检测目标是否存在漏洞，严禁用于任何非授权测试，作者不负任何责任。 使用说明 在fofatxt中填入fofa普通会员账号的email和key，如果是高级会员或者企业会员的话，在python程序中修改对应的可查询数据量 直接运行即可

Some-scripts go mod tidy go run CVE-2021-41277-goguigo

It is a nmap script for metabase vulnerability (CVE-2021-41277)

Metabase_Nmap_Script It is a nmap script for metabase vulnerability (CVE-2021-41277) USAGE -- nmap -Pn -n -p443 --script metabasense -- PORT STATE SERVICE -- 443/tcp open https -- | metabase: -- | VULNERABLE: -- | Metabase (CVE-2021-41277) -- | State: VULNERABLE (Exploitable) -- | IDs: CVE:CVE-2021-41277 -- | Metabase is an open source data analytics plat

MetaBase 任意文件读取

CVE-2021-41277 MetaBase 任意文件读取 个人写的小脚本，写的不好还请指正 声明 : 提供的技术仅供学习参考测试，利用本文提供的信息造成的直接或间接损失由使用者自行承担。

Thanks to @ibra0963 for collecting the tips twittercom/Alra3ees/status/1419058927422017540 The easiest RCE i have found on zerocpter so far:- httpx -l hoststxt -path "/_fragment?_path=_controller=phpcredits&flag=-1" -threads 100 -random-agent -x GET -tech-detect -status-code -follow-redirects -title -mc 200 -match-regex "PHP Credits" ``

Metabase任意文件读取漏洞批量扫描工具

CVE-2021-41277 Metabase任意文件读取漏洞批量扫描工具 影响版本： metabase version < 0405 metabase version >= 100, < 1405 修复版本： metabase version >= 0405 metabase version >= 1405 使用说明 usage: CVE-2021-41277py [-h] [-u URL]

PoC for CVE-2021-41277

CVE-2021-41277 PoC Metabase is an open source data analytics platform Local File Inclusion issue has been discovered in some versions of metabase Here is the PoC code in order to determine the target has this vulnerability or not An adversary could read arbitrary files in metabase server Build go build -o CVE-2021-41277 maingo Instal