diff --git a/README.md b/README.md
index ad7ccf8586..c50e07c15a 100644
--- a/README.md
+++ b/README.md
@@ -43,7 +43,7 @@ An overview of the nuclei template directory including number of templates assoc
 | exposed-tokens | 9 | dns | 6 | fuzzing | 4 |
 | helpers | 2 | takeovers | 1 | - | - |
-**72 directories, 701 files**.
+**73 directories, 704 files**.
diff --git a/network/exposed-redis.yaml b/network/exposed-redis.yaml
new file mode 100644
index 0000000000..ee683481cd
--- /dev/null
+++ b/network/exposed-redis.yaml
@@ -0,0 +1,27 @@
+id: exposed-redis
+
+info:
+ name: Redis Unauth Server
+ author: pd-team
+ severity: high
+ reference: https://redis.io/topics/security
+ tags: network,redis
+
+network:
+ - inputs:
+ - data: "info\r\nquit\r\n"
+
+ host:
+ - "{{Hostname}}"
+ - "{{Hostname}}:6379"
+ read-size: 2048
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "redis_version"
+ - type: word
+ negative: true
+ words:
+ - "redis_mode:sentinel"
\ No newline at end of file
diff --git a/network/exposed-zookeeper.yaml b/network/exposed-zookeeper.yaml
new file mode 100644
index 0000000000..027a490123
--- /dev/null
+++ b/network/exposed-zookeeper.yaml
@@ -0,0 +1,22 @@
+id: exposed-zookeeper
+
+info:
+ name: ZooKeeper Unauth Server
+ author: pd-team
+ severity: high
+ reference: https://zookeeper.apache.org/security.html
+ tags: network,zookeeper
+
+network:
+ - inputs:
+ - data: "envi\r\nquit\r\n"
+
+ host:
+ - "{{Hostname}}"
+ - "{{Hostname}}:2181"
+ read-size: 2048
+
+ matchers:
+ - type: word
+ words:
+ - "zookeeper.version"
\ No newline at end of file
diff --git a/network/memcached-stats.yaml b/network/memcached-stats.yaml
new file mode 100644
index 0000000000..62f8e25bae
--- /dev/null
+++ b/network/memcached-stats.yaml
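Review bot: The `info:` block of exposed-redis.yaml has no `description`, so a high-severity hit says nothing about what was proven or how to fix it. The two matchers establish that INFO was answered with `redis_version` (a password-protected server returns an authentication error instead) and that the responder is not a Sentinel. I would add `description: INFO is answered without authentication; restrict network access to the port and enable requirepass or ACLs.` under `info:`. exposed-zookeeper.yaml and mongodb-unauth.yaml are also high severity and have the same gap.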
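Review bot: The name `ZooKeeper Unauth Server` in exposed-zookeeper.yaml claims more than its single matcher shows. Seeing `zookeeper.version` in the reply to `envi` proves that the four-letter-word admin commands answer anonymous clients, not that znodes can be read or written without credentials. That is still an environment disclosure, but triage at severity high will assume data access; I would rename it to something like `name: ZooKeeper envi command exposed` and state the scope in a `description`. A server whose `4lw.commands.whitelist` omits `envi` will not match, so a miss should not be read as evidence that the ensemble is protected.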
@@ -0,0 +1,21 @@
+id: memcached-stats
+
+info:
+ name: Memcached stats disclosure
+ author: pd-team
+ severity: low
+ tags: network,memcached
+
+network:
+ - inputs:
+ - data: "stats\r\n\r\nquit\r\n"
+
+ host:
+ - "{{Hostname}}"
+ - "{{Hostname}}:11211"
+ read-size: 2048
+
+ matchers:
+ - type: word
+ words:
+ - "STAT "
\ No newline at end of file
diff --git a/network/mongodb-detect.yaml b/network/mongodb-detect.yaml
new file mode 100644
index 0000000000..55716383b9
--- /dev/null
+++ b/network/mongodb-detect.yaml
@@ -0,0 +1,24 @@
+id: mongodb-detect
+
+info:
+ name: MongoDB Detection
+ author: pd-team
+ severity: info
+ reference: https://github.com/orleven/Tentacle
+ tags: network,mongodb
+
+network:
+ - inputs:
+ - data: 3a000000a741000000000000d40700000000000061646d696e2e24636d640000000000ffffffff130000001069736d6173746572000100000000
+ type: hex
+
+ host:
+ - "{{Hostname}}"
+ - "{{Hostname}}:27017"
+ read-size: 2048
+
+ matchers:
+ - type: word
+ words:
+ - "logicalSessionTimeout"
+ - "localTime"
\ No newline at end of file
diff --git a/network/mongodb-unauth.yaml b/network/mongodb-unauth.yaml
new file mode 100644
index 0000000000..6d8c522a1d
--- /dev/null
+++ b/network/mongodb-unauth.yaml
@@ -0,0 +1,22 @@
+id: mongodb-unauth
+
+info:
+ name: Unauth MongoDB Disclosure
+ author: pd-team
+ severity: high
+ reference: https://github.com/orleven/Tentacle
+ tags: network,mongodb
+
+network:
+ - inputs:
+ - data: 480000000200000000000000d40700000000000061646d696e2e24636d6400000000000100000021000000026765744c6f670010000000737461727475705761726e696e67730000
+ type: hex
+
+ host:
+ - "{{Hostname}}"
+ - "{{Hostname}}:27017"
+ read-size: 2048
+ matchers:
+ - type: word
+ words:
+ - "totalLinesWritten"
\ No newline at end of file
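Review bot: The only matcher word in memcached-stats.yaml, `"STAT "`, is a five-character token that many text protocols or echo-style services could return. The first `host` entry presumably probes whatever port the target was supplied with, so the match is not confined to 11211. Anchoring on fields that a memcached `stats` reply always carries would cut false positives, for example `- "STAT pid"` and `- "STAT version"` under `words:` with `condition: and`. The `info:` block also has no `reference`, unlike the other four templates added in this commit.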
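Review bot: The `data` value in mongodb-detect.yaml is an uncommented hex blob whose only provenance is a link to a third-party repository, so a reader cannot tell from the template what is sent to the target. Decoded, it is a legacy OP_QUERY message against `admin.$cmd` carrying `{ ismaster: 1 }`; a one-line comment above `data:` such as `# OP_QUERY admin.$cmd { ismaster: 1 }` would let reviewers confirm the probe is read-only. mongodb-unauth.yaml needs the same for its blob, which decodes to `{ getLog: "startupWarnings" }`. The two `words` are also combined with the default `or`; if that is deliberate, to cover servers that do not return `logicalSessionTimeout`, the comment should say so.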
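Review bot: The single matcher on `totalLinesWritten` in mongodb-unauth.yaml treats every other reply as a non-finding, and the probe is sent in the legacy OP_QUERY wire format. As far as I know, MongoDB 5.1 and later reject OP_QUERY for commands other than the `hello`/`isMaster` handshake, so on those servers the template stays silent whether or not access control is enabled. A comment next to `data:`, for example `# a miss does not prove authentication is enabled; newer servers reject this wire format`, would stop users from reading a miss as a clean result.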