Recently people have again been digging into the Zabbix SQL injection vulnerability; I won't go into the details here. Exploiting it has one precondition: the attacker must be logged in. If Zabbix has not been hardened, the default guest user can log in with an empty password.
So I wrote a script that checks whether the guest user has been disabled, for batch checking and hardening.
```perl
use strict;
use warnings;
use LWP;
use Encode;
use Data::Dumper;

my $lwp = LWP::UserAgent->new;

# Zabbix front ends to check; add or edit addresses here.
# (qw() does not allow comments inside the list, so the note sits outside it.)
my @url = qw(
    http://192.168.1/zabbix
    http://zabbix.ooxx.com
    http://sb.zabbix.rc/zabbix
);

for (@url) {
    my $login_url = $_ . "/dashboard.php";
    print $login_url, ":\n";
    my $respos = $lwp->get($login_url);
    if ($respos->is_success) {
        my $res = $respos->content;
        # A rendered dashboard (graphs menu present) means guest got in without logging in.
        print "please disable guest access!", "\n" if $res =~ /menu_graphs/ms;
        # A login form or "not logged in" text means anonymous access is refused.
        print "good", "\n" if $res =~ /(<!-- Login Form -->)|(You are not logged in)/ms;
    } else {
        print "Login Error: ", $respos->status_line, "\n";
    }
}
```
The script above checks several addresses in batch, but it does not account for newer Zabbix versions, which may return a 404 error for that path. Below is a second script that checks a single URL and also handles newer Zabbix versions.
```perl
use strict;
use warnings;
use LWP;
use Encode;
use Data::Dumper;

my $url = shift @ARGV;
my $lwp = LWP::UserAgent->new;

# Newer front ends serve the dashboard from zabbix.php; older ones from dashboard.php.
my $login_url1 = $url . "/zabbix.php?action=dashboard.view";
my $login_url  = $url . "/dashboard.php";

# Try the old path first; fall back to the new one if the old path fails (e.g. 404).
my $ok = check($login_url);
$ok = check($login_url1) unless $ok;
print "Login Error: ", "\n" unless $ok;

sub check {
    my $url = shift;
    print $url, ":\n";
    my $respos = $lwp->get($url);
    if ($respos->is_success) {
        my $res = $respos->content;
        # menu_graphs (old UI) or initPMaster (new UI) means the dashboard rendered for guest.
        print "please disable guest access!", "\n" if $res =~ /menu_graphs|initPMaster/ms;
        # A login form or "not logged in" text means anonymous access is refused.
        print "good", "\n" if $res =~ /(<!-- Login Form -->)|(You are not logged in)/ms;
        return 1;
    } else {
        return 0;
    }
}
```
Usage: save the script above as ztest1.pl,
then run perl ztest1.pl http://zabbix.org/zabbix
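As an added example (not from the original post), the same check rewritten in Python so the verdict logic can be tested offline. It reuses the two dashboard endpoints and the page markers from the Perl scripts above, tries the old path first and falls back to the new one on 404, and separates fetching from classification so the classifier can be exercised on constructed HTML. The `index.php` redirect check and the `zabbix-guest-check` User-Agent are assumptions, not something the original scripts do.

```python
"""Check whether a Zabbix front end renders the dashboard for an anonymous (guest) visitor.

Added example, not code from the original post. Endpoints and page markers follow
the Perl scripts above; the sample responses in the tests are constructed.
"""
import re
import sys
import urllib.error
import urllib.request

# Endpoints tried in order: older front ends serve dashboard.php, newer ones
# answer 404 there and serve the dashboard from zabbix.php instead.
DASHBOARD_PATHS = ("/dashboard.php", "/zabbix.php?action=dashboard.view")

# Markers taken from the Perl scripts: a rendered dashboard means guest got in,
# a login form or "not logged in" text means anonymous access is refused.
GUEST_IN_RE = re.compile(r"menu_graphs|initPMaster", re.S)
LOGIN_RE = re.compile(r"<!-- Login Form -->|You are not logged in", re.S)


def classify(status, body, final_url=""):
    """Map one HTTP response to 'guest_enabled', 'guest_disabled', 'not_found' or 'unknown'."""
    if status == 404:
        return "not_found"
    if not 200 <= status < 300:
        return "unknown"
    # Assumption: a front end that bounces anonymous visitors to index.php (the login
    # page) may answer 200 after the redirect, so the final URL is checked as well.
    if LOGIN_RE.search(body) or "index.php" in final_url:
        return "guest_disabled"
    if GUEST_IN_RE.search(body):
        return "guest_enabled"
    return "unknown"


def fetch(url, timeout=10):
    """GET url and return (status, body, final_url); HTTP errors are returned, not raised."""
    req = urllib.request.Request(url, headers={"User-Agent": "zabbix-guest-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace"), resp.geturl()
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace"), err.geturl()


def check_host(base_url, fetch_fn=fetch):
    """Try each dashboard endpoint in turn; return (url, verdict) for the first that is not 404."""
    verdict = "not_found"
    for path in DASHBOARD_PATHS:
        url = base_url.rstrip("/") + path
        try:
            status, body, final_url = fetch_fn(url)
        except (urllib.error.URLError, OSError) as err:
            return url, "error: %s" % err
        verdict = classify(status, body, final_url)
        if verdict != "not_found":
            return url, verdict
    return base_url, verdict


def main(argv):
    """Check every base URL given on the command line; exit 1 if any host lets guest in."""
    if len(argv) < 2:
        print("usage: %s http://host/zabbix [more base urls...]" % argv[0])
        return 2
    exit_code = 0
    for base in argv[1:]:
        url, verdict = check_host(base)
        print("%s: %s" % (url, verdict))
        if verdict == "guest_enabled":
            exit_code = 1
    return exit_code


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python3 zabbix_guest_check.py http://host/zabbix http://other/zabbix`; a non-zero exit status makes it easy to wire into a batch hardening check. Unlike the Perl versions, a 2xx page that matches neither marker is reported as `unknown` rather than silently, so a changed front-end layout does not pass as hardened.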