hacktricks/network-services-pentesting/pentesting-web/grafana.md
2024-12-12 11:39:29 +01:00

2.6 KiB

Grafana

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}

Interesting stuff

  • The file /etc/grafana/grafana.ini can contain sensitive information such as admin username and password.
  • Inside the platform you could invite people or generate API keys (might need to be admin)
  • You could check which plugins are installed (or even install new)
  • By default it uses SQLite3 database in /var/lib/grafana/grafana.db
    • select user,password,database from data_source;

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}