Update exposed-dockerd.yaml
parent
62daf0fa83
commit
5584a179be
|
@ -4,7 +4,8 @@ info:
|
||||||
name: Docker Daemon Exposed
|
name: Docker Daemon Exposed
|
||||||
author: arafat
|
author: arafat
|
||||||
severity: critical
|
severity: critical
|
||||||
description: Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system.
|
description: |
|
||||||
|
Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system.
|
||||||
metadata:
|
metadata:
|
||||||
verified: true
|
verified: true
|
||||||
shodan-query: port:2375 product:"docker"
|
shodan-query: port:2375 product:"docker"
|
||||||
|
@ -21,12 +22,4 @@ network:
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
words:
|
words:
|
||||||
- "Docker"
|
- "Server: Docker"
|
||||||
|
|
||||||
extractors:
|
|
||||||
- type: regex
|
|
||||||
regex:
|
|
||||||
- "Version:([0-9.]+)"
|
|
||||||
- "Kernel Version:([0-9.]+)"
|
|
||||||
- "API Version:([0-9.]+)"
|
|
||||||
- "Container #1:([A-Za-z0-9]+)"
|
|
||||||
|
|
Loading…
Reference in New Issue