2023-03-25 16:28:41 +00:00
id : erlang-daemon
2023-03-24 16:28:12 +00:00
info :
name : Erlang Port Mapper Daemon
2024-08-16 13:55:15 +00:00
author : pussycat0x,daffainfo
2023-03-24 16:28:12 +00:00
severity : low
description : |
2024-01-14 13:49:27 +00:00
The erlang port mapper daemon is used to coordinate distributed erlang instances. His job is to keep track of which node name listens on which address. Hence, epmd map symbolic node names to machine addresses.
2023-03-24 16:28:12 +00:00
reference :
- https://nmap.org/nsedoc/scripts/epmd-info.html
- https://book.hacktricks.xyz/network-services-pentesting/4369-pentesting-erlang-port-mapper-daemon-epmd
- https://medium.com/@_sadshade/couchdb-erlang-and-cookies-rce-on-default-settings-b1e9173a4bcd
metadata :
2024-06-07 10:04:29 +00:00
verified : true
2024-01-14 13:49:27 +00:00
max-request : 1
2023-03-24 16:28:12 +00:00
shodan-query : product:"Erlang Port Mapper Daemon"
2024-06-07 10:04:29 +00:00
tags : demon,enum,erlang,epmd,network,misconfig,tcp
2024-01-14 13:58:21 +00:00
tcp :
2023-03-24 16:28:12 +00:00
- inputs :
2023-03-24 16:31:02 +00:00
- data : "\x00\x01\x6e"
2023-03-24 16:28:12 +00:00
host :
2023-12-29 13:10:17 +00:00
- "{{Hostname}}"
port : 4369
2023-03-24 16:28:12 +00:00
2024-08-16 13:55:15 +00:00
matchers-condition : and
2024-05-24 09:32:24 +00:00
matchers :
- type : word
words :
- "HTTP/1.1"
negative : true
2024-08-16 13:55:15 +00:00
- type : word
words :
- "name"
- "at port"
condition : and
2023-03-24 16:28:12 +00:00
extractors :
2024-08-16 13:55:15 +00:00
- type : regex
regex :
- 'name (.*?) at port ([0-9]+)'
2024-08-16 13:57:37 +00:00
# digest: 4b0a00483046022100f94aa4a5746bd22235cbc0684ceb4233b9d6e9a13b4773aeff41aadf9e52e552022100b0e666dec59f22fb72b3be096ce1a731d313d4f59ec423305f134626a49ff696:922c64590222798bb761d5b6d8e72950
