Today, I will share an Information Disclosure vulnerability that I reported. It involved a Grafana login with default credentials, which I brought to the attention of a security team as part of their bug bounty program on HackerOne. I discovered this Grafana login through a useful Google Dork of mine.
Google Dorks are advanced search operators and techniques used to extract specific data from Google’s vast index. In the realm of cybersecurity, Google Dorks are typically used to locate misconfigurations and exposed information that shouldn’t be public. You can find my Google Dorks here: https://github.com/Proviesec/google-dorks
If you want to learn more about Google Dorks: https://medium.com/bugbountywriteup/google-dork-the-best-one-and-how-do-you-find-bugs-with-it-689c69804b81
Grafana is an open-source platform for monitoring and observability. It allows users to visualize, explore, and correlate data from various data sources such as databases, web services, and third-party tools. With Grafana, you can create dynamic and informative dashboards, set up alerts to notify you about any critical events or anomalies, and gain insights into your system’s performance and behavior over time. It is a highly customizable tool widely used in many fields including IT operations, DevOps, and IoT for real-time monitoring of large-scale data environments.
After using the Google Dork to find instances of Grafana, I noticed that one of the instances had a login page. Here are the steps I took to exploit the vulnerability: