Vulnerability & Exploit Database

Back to search

Zabbix toggle_ids SQL Injection

This module will exploit a SQL injection in Zabbix 3.0.3 and likely prior in order to save the current usernames and password hashes from the database to a JSON file.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

auxiliary/gather/zabbix_toggleids_sqli

Authors

  • 1n3 <1n3 [at] hushmail.com>
  • bperry

References

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/gather/zabbix_toggleids_sqli msf auxiliary(zabbix_toggleids_sqli) > show actions ...actions... msf auxiliary(zabbix_toggleids_sqli) > set ACTION <action-name> msf auxiliary(zabbix_toggleids_sqli) > show options ...show and set options... msf auxiliary(zabbix_toggleids_sqli) > run