hacktricks/network-services-pentesting/5601-pentesting-kibana.md
<details>

<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Other ways to support HackTricks:

* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF**, check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>

# Basic Information

Kibana is known for its ability to search and visualize data held in Elasticsearch, and it normally listens on port **5601**. It serves as the web interface of the Elastic Stack for monitoring, management, and security functions.

## Understanding Authentication

Authentication in Kibana is inherently tied to the **credentials used for Elasticsearch**. If Elasticsearch has authentication disabled, Kibana can be accessed without any credentials. Conversely, if Elasticsearch is protected with credentials, the same credentials are required to access Kibana, and a user keeps the same permissions on both platforms. The credentials Kibana itself uses to talk to Elasticsearch are stored in **/etc/kibana/kibana.yml** (the `elasticsearch.username` and `elasticsearch.password` settings). If these are not the credentials of the **kibana_system** user, they may grant far broader access, since the kibana_system user is restricted to the monitoring APIs and the .kibana index.
## Actions Once Access Is Obtained

Once access to Kibana is obtained, several steps are recommended:

- Exploring the data held in Elasticsearch should be a priority.
- User management, including editing, deleting, or creating users, roles, or new API keys, is available under Stack Management -> Users/Roles/API Keys.
- It is important to check the installed Kibana version for known flaws, such as the RCE flaw identified in versions prior to 6.6.0 ([More Details](https://insinuator.net/2021/01/pentesting-the-elk-stack/#ref2)).
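As an added example (not HackTricks' code, nor code from the referenced post), the following Python turns the two points above into one offline triage step: it pulls the Elasticsearch credentials out of a `kibana.yml`, flags whether they belong to the restricted `kibana_system` account or to a more privileged user worth testing directly against Elasticsearch on 9200, and compares the version string from the JSON body of `GET /api/status` with the pre-6.6.0 threshold. The `kibana.yml` lines and the status JSON are constructed samples; the flat `dotted.key: value` parser assumes the conventional `kibana.yml` layout and does not handle nested YAML, and whether `/api/status` is reachable without credentials depends on the version and security setup.

```python
"""Offline Kibana triage helpers (added example; constructed sample input).

- parse_kibana_yml: minimal parser for the flat `dotted.key: value` lines
  that /etc/kibana/kibana.yml conventionally uses (comments skipped, quotes
  stripped; nested YAML is deliberately not supported).
- es_credentials / classify_credentials: which account Kibana uses toward
  Elasticsearch and whether it is the restricted kibana_system user.
- kibana_version / vulnerable_to_pre_660_rce: version from /api/status JSON
  compared with the pre-6.6.0 RCE threshold cited on this page.
"""
import json
import re

# Constructed sample of the relevant lines of /etc/kibana/kibana.yml.
SAMPLE_KIBANA_YML = """\
# Kibana back end server settings.
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://10.0.0.5:9200"]
#elasticsearch.username: "kibana_system"
elasticsearch.username: "elastic"
elasticsearch.password: 'S3cr3tPassw0rd!'
elasticsearch.ssl.verificationMode: none
"""

# Constructed sample of the JSON body returned by GET /api/status.
SAMPLE_STATUS_JSON = (
    '{"name":"kibana01","version":{"number":"6.5.4","build_hash":"abc",'
    '"build_number":1,"build_snapshot":false},'
    '"status":{"overall":{"state":"green"}}}'
)

_KV = re.compile(r"^\s*([A-Za-z0-9_.]+)\s*:\s*(.*?)\s*$")


def parse_kibana_yml(text):
    """Return a dict of the flat `dotted.key: value` entries in kibana.yml."""
    out = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank or commented-out setting
        m = _KV.match(line)
        if not m:
            continue
        key, val = m.group(1), m.group(2)
        if len(val) >= 2 and val[0] == val[-1] and val[0] in "\"'":
            val = val[1:-1]  # strip surrounding quotes from scalars
        out[key] = val
    return out


def es_credentials(cfg):
    """(username, password) Kibana uses toward Elasticsearch, or None."""
    user = cfg.get("elasticsearch.username")
    pw = cfg.get("elasticsearch.password")
    return (user, pw) if user and pw else None


def classify_credentials(creds):
    """kibana_system is limited to the monitoring APIs and the .kibana index;
    any other account may carry wider privileges and is worth testing."""
    if creds is None:
        return "none"
    if creds[0] == "kibana_system":
        return "restricted"
    return "worth-testing"


def parse_version(s):
    """'6.5.4' -> (6, 5, 4); extra components such as '-SNAPSHOT' are dropped."""
    return tuple(int(p) for p in s.split("-")[0].split(".")[:3])


def kibana_version(status_json):
    """Version string from the /api/status JSON body."""
    return json.loads(status_json)["version"]["number"]


def vulnerable_to_pre_660_rce(version):
    """True when the version predates 6.6.0 (the RCE threshold cited above)."""
    return parse_version(version) < (6, 6, 0)


def triage(yml_text, status_json):
    """Combine the checks into one report for a target."""
    cfg = parse_kibana_yml(yml_text)
    creds = es_credentials(cfg)
    ver = kibana_version(status_json)
    return {
        "es_hosts": cfg.get("elasticsearch.hosts"),
        "credentials": creds,
        "credential_class": classify_credentials(creds),
        # server.ssl.enabled defaults to false: Kibana serves plaintext HTTP.
        "kibana_tls_enabled": cfg.get("server.ssl.enabled", "false") == "true",
        # verificationMode defaults to full; 'none' disables cert checks to ES.
        "es_cert_verified": cfg.get("elasticsearch.ssl.verificationMode", "full") != "none",
        "kibana_version": ver,
        "pre_6_6_0": vulnerable_to_pre_660_rce(ver),
    }


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE_KIBANA_YML, SAMPLE_STATUS_JSON), indent=2))
```

On a real engagement, feed `triage()` the `kibana.yml` read from the host and the body of `curl -s http://TARGET:5601/api/status`; a `worth-testing` result means the extracted credentials should be tried directly against Elasticsearch on 9200, where they carry whatever roles that account has rather than the narrow kibana_system scope.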
## SSL/TLS Considerations

Where SSL/TLS is not enabled on Kibana, the potential for leaking sensitive information (credentials and session cookies travelling over plaintext HTTP on port 5601) should be thoroughly evaluated.
## References

* [https://insinuator.net/2021/01/pentesting-the-elk-stack/](https://insinuator.net/2021/01/pentesting-the-elk-stack/)