Adding network templates

2021-03-09 16:53:40 +05:30 · 2021-03-09 16:53:40 +05:30 · f7104e0a24
parent 1c94e7bc22
commit f7104e0a24
5 changed files with 111 additions and 0 deletions
--- a/network/exposed-redis.yaml
+++ b/network/exposed-redis.yaml
@ -0,0 +1,26 @@
+id: exposed-redis
+
+info:
+  name: Redis Unauth Server
+  author: pd-team
+  severity: high
+  reference: https://redis.io/topics/security
+  tags: network,redis
+
+network:
+  - inputs:
+      - data: "info\r\nquit\r\n"
+
+    host:
+      - "{{Hostname}}"
+    read-size: 2048
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "redis_version"
+      - type: word
+        negative: true
+        words:
+          - "redis_mode:sentinel"
--- a/network/exposed-zookeeper.yaml
+++ b/network/exposed-zookeeper.yaml
@ -0,0 +1,21 @@
+id: exposed-zookeeper
+
+info:
+  name: ZooKeeper Unauth Server
+  author: pd-team
+  severity: high
+  reference: https://zookeeper.apache.org/security.html
+  tags: network,zookeeper
+
+network:
+  - inputs:
+      - data: "envi\r\nquit\r\n"
+
+    host:
+      - "{{Hostname}}"
+    read-size: 2048
+
+    matchers:
+      - type: word
+        words:
+          - "zookeeper.version"
--- a/network/memcached-stats.yaml
+++ b/network/memcached-stats.yaml
@ -0,0 +1,20 @@
+id: memcached-stats
+
+info:
+  name: Memcached stats disclosure
+  author: pd-team
+  severity: low
+  tags: network,memcached
+
+network:
+  - inputs:
+      - data: "stats\r\n\r\nquit\r\n"
+
+    host:
+      - "{{Hostname}}"
+    read-size: 2048
+
+    matchers:
+      - type: word
+        words:
+          - "STAT "
--- a/network/mongodb-detect.yaml
+++ b/network/mongodb-detect.yaml
@ -0,0 +1,23 @@
+id: mongodb-detect
+
+info:
+  name: MongoDB Detection
+  author: pd-team
+  severity: info
+  reference: https://github.com/orleven/Tentacle
+  tags: network,mongodb
+
+network:
+  - inputs:
+      - data: 3a000000a741000000000000d40700000000000061646d696e2e24636d640000000000ffffffff130000001069736d6173746572000100000000
+        type: hex
+
+    host:
+      - "{{Hostname}}"
+    read-size: 2048
+
+    matchers:
+      - type: word
+        words:
+          - "logicalSessionTimeout"
+          - "localTime"
--- a/network/mongodb-unauth.yaml
+++ b/network/mongodb-unauth.yaml
@ -0,0 +1,21 @@
+id: mongodb-unauth
+
+info:
+  name: Unauth MongoDB Disclosure
+  author: pd-team
+  severity: high
+  reference: https://github.com/orleven/Tentacle
+  tags: network,mongodb
+
+network:
+  - inputs:
+      - data: 480000000200000000000000d40700000000000061646d696e2e24636d6400000000000100000021000000026765744c6f670010000000737461727475705761726e696e67730000
+        type: hex
+
+    host:
+      - "{{Hostname}}"
+    read-size: 2048
+    matchers:
+      - type: word
+        words:
+          - "totalLinesWritten"