30 lines
568 B
YAML
30 lines
568 B
YAML
|
id: finger-detect
|
||
|
|
|
||
|
|
info:
|
||
|
|
name: Finger Daemon Detection
|
||
|
|
author: DhiyaneshDK
|
||
|
|
severity: info
|
||
|
|
description: |
|
||
|
|
The finger daemon runs on TCP port 79. The client will (in the case of remote hosts) open a connection to port 79.
|
||
|
|
metadata:
|
||
|
|
verified: true
|
||
|
|
shodan-query: port:"79" action
|
||
|
|
tags: network,finger
|
||
|
|
|
||
|
|
network:
|
||
|
|
- inputs:
|
||
|
|
- data: "\n"
|
||
|
|
|
||
|
|
host:
|
||
|
|
- "{{Hostname}}"
|
||
|
|
- "{{Host}}:79"
|
||
|
|
|
||
|
|
matchers:
|
||
|
|
- type: word
|
||
|
|
part: body
|
||
|
|
words:
|
||
|
|
- "User"
|
||
|
|
- "Action"
|
||
|
|
- "Node"
|
||
|
|
condition: and
|