nuclei-templates/network/detect-rsyncd.yaml

id: detect-rsyncd

info:
  name: Detect rsyncd
  author: vsh00t,geeknik
  severity: info
  description: |
    Rsync is a fast and extraordinarily versatile file copying tool. It can copy locally, to/from another host over any remote shell, or to/from a remote rsync daemon.
  reference:
    - https://linux.die.net/man/1/rsync
  tags: network,rsyncd

network:
  - inputs:
      - data: "?\r\n"

    host:
      - "{{Hostname}}"
      - "{{Host}}:873"

    matchers:
      - type: word
        words:
          - "RSYNCD: "
          - "ERROR: protocol startup error"
        condition: and

    extractors:
      - type: regex
        regex:
          - 'RSYNCD: \d\d.\d'
Added detect-rsyncd 2021-06-30 16:31:12 +00:00			`id: detect-rsyncd`

			`info:`
			`name: Detect rsyncd`
			`author: vsh00t,geeknik`
			`severity: info`
Update detect-rsyncd.yaml 2022-08-16 16:16:02 +00:00			`description: \|`
			`Rsync is a fast and extraordinarily versatile file copying tool. It can copy locally, to/from another host over any remote shell, or to/from a remote rsync daemon.`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`reference:`
			`- https://linux.die.net/man/1/rsync`
Added detect-rsyncd 2021-06-30 16:31:12 +00:00			`tags: network,rsyncd`

			`network:`
			`- inputs:`
			`- data: "?\r\n"`

			`host:`
			`- "{{Hostname}}"`
fix: fixed network templates (#3306) 2021-12-09 13:06:24 +00:00			`- "{{Host}}:873"`
Added detect-rsyncd 2021-06-30 16:31:12 +00:00
			`matchers:`
			`- type: word`
			`words:`
			`- "RSYNCD: "`
			`- "ERROR: protocol startup error"`
			`condition: and`

			`extractors:`
			`- type: regex`
			`regex:`
			`- 'RSYNCD: \d\d.\d'`