From 783e5bf6773185f2f67d6e61a25ba08a613e6c9c Mon Sep 17 00:00:00 2001 From: nullfuzz Date: Sat, 12 Aug 2023 23:03:01 -0300 Subject: [PATCH 1/3] Added nethermind-server-detect template --- .../nethermind-server-detect.yaml | 41 +++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 http/technologies/nethermind-server-detect.yaml diff --git a/http/technologies/nethermind-server-detect.yaml b/http/technologies/nethermind-server-detect.yaml new file mode 100644 index 0000000000..bfd4066601 --- /dev/null +++ b/http/technologies/nethermind-server-detect.yaml @@ -0,0 +1,41 @@ +id: nethermind-server + +info: + name: Nethermind JSON-RPC HTTP Server Detect + author: Nullfuzz + severity: info + description: | + Nethermind is a high-performance, highly configurable full Ethereum protocol execution client built on .NET that runs on Linux, Windows, and macOS, and supports Clique, Aura, and Ethash. By default Nethermind runs a JSON-RPC HTTP server on port 8545/TCP + reference: + - https://nethermind.io/ + - https://docs.nethermind.io/nethermind/ethereum-client/json-rpc/web3 + - https://github.com/NethermindEth/nethermind + metadata: + max-request: 1 + shodan-query: product:"Nethermind" + tags: tech,nethermind,ethereum,web3,blockchain + +http: + - raw: + - | + POST / HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + Content-Length: 66 + + {"method":"web3_clientVersion","params":[],"id":1,"jsonrpc":"2.0"} + + matchers: + - type: dsl + dsl: + - 'status_code == 200' + - 'contains(header, "application/json")' + - 'contains(body, "Nethermind")' + condition: and + + extractors: + - type: regex + part: body + group: 1 + regex: + - '(v[0-9a-z-_.]+)' \ No newline at end of file From 89ca4dfb26bc77fc0f73bc5d621a71ef30a8ba67 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 14 Aug 2023 10:14:56 +0530 Subject: [PATCH 2/3] added verified , updated id name --- http/technologies/nethermind-server-detect.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/http/technologies/nethermind-server-detect.yaml b/http/technologies/nethermind-server-detect.yaml index bfd4066601..450c6847de 100644 --- a/http/technologies/nethermind-server-detect.yaml +++ b/http/technologies/nethermind-server-detect.yaml @@ -1,4 +1,4 @@ -id: nethermind-server +id: nethermind-server-detect info: name: Nethermind JSON-RPC HTTP Server Detect @@ -13,6 +13,7 @@ info: metadata: max-request: 1 shodan-query: product:"Nethermind" + verified: true tags: tech,nethermind,ethereum,web3,blockchain http: @@ -21,7 +22,6 @@ http: POST / HTTP/1.1 Host: {{Hostname}} Content-Type: application/json - Content-Length: 66 {"method":"web3_clientVersion","params":[],"id":1,"jsonrpc":"2.0"} @@ -38,4 +38,4 @@ http: part: body group: 1 regex: - - '(v[0-9a-z-_.]+)' \ No newline at end of file + - '(v[0-9a-z-_.]+)' From 8bc1dcb2f13eeb064cf6f6ccfca39bf348f3d097 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 14 Aug 2023 12:07:13 +0530 Subject: [PATCH 3/3] Update nethermind-server-detect.yaml --- http/technologies/nethermind-server-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/technologies/nethermind-server-detect.yaml b/http/technologies/nethermind-server-detect.yaml index 450c6847de..81c4c23599 100644 --- a/http/technologies/nethermind-server-detect.yaml +++ b/http/technologies/nethermind-server-detect.yaml @@ -1,7 +1,7 @@ id: nethermind-server-detect info: - name: Nethermind JSON-RPC HTTP Server Detect + name: Nethermind JSON-RPC HTTP Server - Detect author: Nullfuzz severity: info description: |