Fed0t Posted April 23, 2014 Report Share Posted April 23, 2014 (edited) In filmulet veti vedea cum functioneaza!Rata de succes foarte scazuta deoarece pluginul NRPE are un fisier de config care contine allowed_hosts = 127.0.0.1 ca default iar dupa configurare de obicei se pun doar serverele pe care le doreste administratorul!Am intrebat si pe canalul lor de IRC si mi-au confirmat ca doar cei trecuti in allowed_hosts pot da comenzi!Daca cunoaste cineva si lucreaza cu Nagios si NRPE este asteptat aici poate ne invata mai multe chestii cum putem da bypass la allowed_hosts!http://smarth.ro/public/nrpe-exploit.pyhttp://smarth.ro//public/shell.txt Edited July 2, 2014 by Fed0t 3 1 Quote Link to comment Share on other sites More sharing options...
Zatarra Posted April 23, 2014 Report Share Posted April 23, 2014 Mutat la RSTpower + vip Fed0t. Quote Link to comment Share on other sites More sharing options...
bcman Posted April 23, 2014 Report Share Posted April 23, 2014 Ai folosit asta de aici? https://rstforums.com/forum/83722-nrpe-2-15-remote-command-execution.rst Quote Link to comment Share on other sites More sharing options...
Fed0t Posted April 23, 2014 Author Report Share Posted April 23, 2014 Ai folosit asta de aici? https://rstforums.com/forum/83722-nrpe-2-15-remote-command-execution.rst Da. Quote Link to comment Share on other sites More sharing options...
florinul Posted May 19, 2014 Report Share Posted May 19, 2014 95.85.55.54 Open (Trying to exploit.Check NetCat Listener)/bin/sh: /usr/local/nagios/libexec/check_nrpe: No such file or directory de ce da asa? Quote Link to comment Share on other sites More sharing options...
florinul Posted May 19, 2014 Report Share Posted May 19, 2014 trebuie sa am nagios instalat pe severu de pe care rulez scanneru ? Quote Link to comment Share on other sites More sharing options...
florinul Posted May 20, 2014 Report Share Posted May 20, 2014 Fed0t trebuie sa am nagios instalat pe severul de pe care rulez exploitul ? Quote Link to comment Share on other sites More sharing options...
wildchild Posted May 23, 2014 Report Share Posted May 23, 2014 @ENCODED "CHECK_NRPE: Error - Could not complete SSL handshake" apare în momentul în care checkul rulat în /usr/lib64/nagios/plugins nu g?se?te ruta spre serverul cu nrpe instalat. Quote Link to comment Share on other sites More sharing options...
ENCODED Posted May 23, 2014 Report Share Posted May 23, 2014 @ENCODED "CHECK_NRPE: Error - Could not complete SSL handshake" apare în momentul în care checkul rulat în /usr/lib64/nagios/plugins nu g?se?te ruta spre serverul cu nrpe instalat.Nu neaparat, se poate fi si din iptables sau din dns, am citit la tutoriale pana am am gasit rezolvarea si la mine era din dns Quote Link to comment Share on other sites More sharing options...
wildchild Posted May 23, 2014 Report Share Posted May 23, 2014 Nu neaparat, se poate fi si din iptables sau din dns, am citit la tutoriale pana am am gasit rezolvarea si la mine era din dns Sau oricare din cazurile de networking. Ce am spus e general valabil dac? check-ul nu ajunge la nrpe. Quote Link to comment Share on other sites More sharing options...
florinul Posted May 23, 2014 Report Share Posted May 23, 2014 banuiesc ca la mine e fiindc anu am nagios instalat pe srverul de pe care incec scanul nu ? Quote Link to comment Share on other sites More sharing options...
Maximus Posted May 27, 2014 Report Share Posted May 27, 2014 Felicitari ! +1 Quote Link to comment Share on other sites More sharing options...
uhm Posted June 20, 2014 Report Share Posted June 20, 2014 --2014-06-20 22:52:23-- http://smarth.ro/nrpe-exploit.pyResolving smarth.ro (smarth.ro)... 185.45.12.130Connecting to smarth.ro (smarth.ro)|185.45.12.130|:80... connected.HTTP request sent, awaiting response... 404 Not Found2014-06-20 22:52:24 ERROR 404: Not Found. Quote Link to comment Share on other sites More sharing options...
Hubba Posted June 22, 2014 Report Share Posted June 22, 2014 nu mai merge link-ul ... Quote Link to comment Share on other sites More sharing options...
r_m_a Posted August 3, 2014 Report Share Posted August 3, 2014 salut , se poate face reupload ? Quote Link to comment Share on other sites More sharing options...
verdelemeu Posted August 3, 2014 Report Share Posted August 3, 2014 nu se inghesuie baietii care au apucat sa il ia, ca sa il imparata cu restul care nu au avut sansa sa il ia cat era sus. tipic romanesc doar ei sa aibe toate serverele de parca nu ar fi loc pentru toata lumea. Quote Link to comment Share on other sites More sharing options...
r_m_a Posted August 3, 2014 Report Share Posted August 3, 2014 asteptam . poate il mai are cineva . Quote Link to comment Share on other sites More sharing options...
Htich Posted August 3, 2014 Report Share Posted August 3, 2014 https://www.sendspace.com/file/4qw99o ( nrpe-exploit.py ) Quote Link to comment Share on other sites More sharing options...
r_m_a Posted August 4, 2014 Report Share Posted August 4, 2014 multumesc pentru upload. Quote Link to comment Share on other sites More sharing options...
gugustiuc Posted August 22, 2014 Report Share Posted August 22, 2014 CHECK_NRPE: Error - Could not complete SSL handshakecred ca am instalat vre-o 5 versiuni de nrpe si nagios-ul de 3,4 ori si am editat nrpe.cfg si nrpe din xinetd de le stiu pe de rost si tot blestemata asta de eroare o vad Quote Link to comment Share on other sites More sharing options...
