# nagios xi

## Default credentials

```
nagiosadmin:nagiosadmin
nagiosadmin:admin
nagiosadmin:PASSW0RD
```

## Interesting Paths

```bash
# config file
config.inc.php
```

## RCE (authenticated)

v5.7.x | 5.6.0

```
https://www.exploit-db.com/exploits/49422
```

## RCE + PE (try!)

v5.5.6

```
https://github.com/ruthvikvegunta/nagiosxi_rce-to-root
https://github.com/jakgibb/nagiosxi-root-rce-exploit
https://www.exploit-db.com/exploits/46221
https://www.acunetix.com/vulnerabilities/web/nagios-xi-magpie_debug-php-unauthenticated-rce/
```