nuclei-templates/network/misconfig/clickhouse-unauth.yaml

id: clickhouse-unauth

info:
  name: ClickHouse - Unauthorized Access
  author: lu4nx
  severity: high
  description: ClickHouse was able to be accessed with no required authentication in place.
  metadata:
    max-request: 1
  tags: network,clickhouse,unauth,misconfig

tcp:
  - inputs:
      # 0011436c69636b486f75736520636c69656e741508b1a9030007 is header
      # 64656661756c74 = default
      - data: 0011436c69636b486f75736520636c69656e741508b1a903000764656661756c7400
        type: hex

    host:
      - "{{Hostname}}"
    port: 9000

    read-size: 100
    matchers:
      - type: word
        words:
          - "ClickHouse"
          - "UTC"
        condition: and
# digest: 490a0046304402202fd443f78e2047b591bca8f3e7ee5a04d985131925e9c82766c93a68b7bb5d9702206422b645cc564aec3b9fedb29bee550e4ae65c58535b879c84efe81ca01cf783:922c64590222798bb761d5b6d8e72950
Add: Unauth ClickHouse Disclosure 2021-08-27 06:08:17 +00:00			`id: clickhouse-unauth`

			`info:`
Dashboard Content Enhancements (#4819) Dashboard Content Enhancements 2022-07-26 13:45:11 +00:00			`name: ClickHouse - Unauthorized Access`
Add: Unauth ClickHouse Disclosure 2021-08-27 06:08:17 +00:00			`author: lu4nx`
			`severity: high`
Dashboard Content Enhancements (#4819) Dashboard Content Enhancements 2022-07-26 13:45:11 +00:00			`description: ClickHouse was able to be accessed with no required authentication in place.`
Added max request counter of each template 2023-04-28 08:11:21 +00:00			`metadata:`
TemplateMan Update [Wed Sep 27 13:29:58 UTC 2023] :robot: 2023-09-27 13:29:58 +00:00			`max-request: 1`
Revert "TemplateMan Update [Mon Apr 8 11:30:07 UTC 2024] :robot:" This reverts commit 433dda4ae5b824564b44075bb95a96ecdbe263a6. 2024-04-08 11:34:33 +00:00			`tags: network,clickhouse,unauth,misconfig`
Add: Unauth ClickHouse Disclosure 2021-08-27 06:08:17 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`tcp:`
Add: Unauth ClickHouse Disclosure 2021-08-27 06:08:17 +00:00			`- inputs:`
			`# 0011436c69636b486f75736520636c69656e741508b1a9030007 is header`
			`# 64656661756c74 = default`
			`- data: 0011436c69636b486f75736520636c69656e741508b1a903000764656661756c7400`
			`type: hex`

			`host:`
Update clickhouse-unauth.yaml 2021-08-27 07:53:24 +00:00			`- "{{Hostname}}"`
removed duplicate network request 2023-09-16 19:35:21 +00:00			`port: 9000`
Add: Unauth ClickHouse Disclosure 2021-08-27 06:08:17 +00:00
			`read-size: 100`
			`matchers:`
			`- type: word`
			`words:`
			`- "ClickHouse"`
Increase judgment conditions to avoid false positives (#4317) * Increase judgment conditions to avoid false positives * misc format update Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-05-08 06:50:52 +00:00			`- "UTC"`
Dashboard Content Enhancements (#4819) Dashboard Content Enhancements 2022-07-26 13:45:11 +00:00			`condition: and`
Auto Template Signing [Thu Oct 19 13:13:50 UTC 2023] :robot: 2023-10-19 13:13:52 +00:00			`# digest: 490a0046304402202fd443f78e2047b591bca8f3e7ee5a04d985131925e9c82766c93a68b7bb5d9702206422b645cc564aec3b9fedb29bee550e4ae65c58535b879c84efe81ca01cf783:922c64590222798bb761d5b6d8e72950`