nuclei-templates/network/misconfig/tidb-unauth.yaml

id: tidb-unauth

info:
  name: TiDB - Unauthenticated Access
  author: lu4nx
  severity: high
  description: TiDB server was able to be accessed because no authentication was required.
  metadata:
    max-request: 1
    zoomeye-query: tidb +port:"4000"
  tags: network,tidb,unauth,misconfig,tcp

tcp:
  - inputs:
      - read: 1024              # skip handshake packet
      - data: b200000185a6ff0900000001ff0000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f72640075045f70696406313337353030095f706c6174666f726d067838365f3634035f6f73054c696e75780c5f636c69656e745f6e616d65086c69626d7973716c076f735f757365720578787878780f5f636c69656e745f76657273696f6e06382e302e32360c70726f6772616d5f6e616d65056d7973716c  # authentication
        type: hex

    host:
      - "{{Hostname}}"
    port: 4000

    read-size: 1024

    matchers:
      - type: binary
        binary:
          # resp format:
          # 07: length, 02: sequence number, 00: success
          - "0700000200000002000000"
# digest: 4a0a0047304502205fa2e5db457c1ae1e94d1c9ecaec7f13c67c55d69d44a05814afdd5b51fdf9e6022100851bf0cd00aca3ae340dc787728bde14513b2555f7be9a8beb49927b0a8aa923:922c64590222798bb761d5b6d8e72950
Add TiDB unauthenticated check plugin 2021-09-28 10:17:35 +00:00			`id: tidb-unauth`

			`info:`
Dashboard Content Enhancements (#4819) Dashboard Content Enhancements 2022-07-26 13:45:11 +00:00			`name: TiDB - Unauthenticated Access`
Add TiDB unauthenticated check plugin 2021-09-28 10:17:35 +00:00			`author: lu4nx`
			`severity: high`
Dashboard Content Enhancements (#4819) Dashboard Content Enhancements 2022-07-26 13:45:11 +00:00			`description: TiDB server was able to be accessed because no authentication was required.`
Update tidb-unauth.yaml 2021-09-29 11:03:26 +00:00			`metadata:`
TemplateMan Update [Wed Sep 27 13:29:58 UTC 2023] :robot: 2023-09-27 13:29:58 +00:00			`max-request: 1`
Dashboard Content Enhancements (#6598) Dashboard Content Enhancements 2023-01-23 22:14:23 +00:00			`zoomeye-query: tidb +port:"4000"`
TemplateMan Update [Fri Jun 7 10:04:28 UTC 2024] :robot: 2024-06-07 10:04:29 +00:00			`tags: network,tidb,unauth,misconfig,tcp`
Add TiDB unauthenticated check plugin 2021-09-28 10:17:35 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`tcp:`
Add TiDB unauthenticated check plugin 2021-09-28 10:17:35 +00:00			`- inputs:`
			`- read: 1024 # skip handshake packet`
Dashboard Text Enhancement (#3798) Dashboard text enhancements 2022-02-28 14:09:26 +00:00			`- data: b200000185a6ff0900000001ff0000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f72640075045f70696406313337353030095f706c6174666f726d067838365f3634035f6f73054c696e75780c5f636c69656e745f6e616d65086c69626d7973716c076f735f757365720578787878780f5f636c69656e745f76657273696f6e06382e302e32360c70726f6772616d5f6e616d65056d7973716c # authentication`
Add TiDB unauthenticated check plugin 2021-09-28 10:17:35 +00:00			`type: hex`

			`host:`
			`- "{{Hostname}}"`
removed duplicate network request 2023-09-16 19:35:21 +00:00			`port: 4000`
Add TiDB unauthenticated check plugin 2021-09-28 10:17:35 +00:00
			`read-size: 1024`

			`matchers:`
			`- type: binary`
			`binary:`
			`# resp format:`
			`# 07: length, 02: sequence number, 00: success`
			`- "0700000200000002000000"`
Auto Template Signing [Sat Jun 8 16:02:16 UTC 2024] :robot: 2024-06-08 16:02:17 +00:00			`# digest: 4a0a0047304502205fa2e5db457c1ae1e94d1c9ecaec7f13c67c55d69d44a05814afdd5b51fdf9e6022100851bf0cd00aca3ae340dc787728bde14513b2555f7be9a8beb49927b0a8aa923:922c64590222798bb761d5b6d8e72950`