From f7104e0a24cd238c46861432a44300378558f441 Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Tue, 9 Mar 2021 16:53:40 +0530
Subject: [PATCH] Adding network templates
---
network/exposed-redis.yaml | 26 ++++++++++++++++++++++++++
network/exposed-zookeeper.yaml | 21 +++++++++++++++++++++
network/memcached-stats.yaml | 20 ++++++++++++++++++++
network/mongodb-detect.yaml | 23 +++++++++++++++++++++++
network/mongodb-unauth.yaml | 21 +++++++++++++++++++++
5 files changed, 111 insertions(+)
create mode 100644 network/exposed-redis.yaml
create mode 100644 network/exposed-zookeeper.yaml
create mode 100644 network/memcached-stats.yaml
create mode 100644 network/mongodb-detect.yaml
create mode 100644 network/mongodb-unauth.yaml
diff --git a/network/exposed-redis.yaml b/network/exposed-redis.yaml
new file mode 100644
index 0000000000..e26d48324c
--- /dev/null
+++ b/network/exposed-redis.yaml
@@ -0,0 +1,26 @@
+id: exposed-redis
+
+info:
+ name: Redis Unauth Server
+ author: pd-team
+ severity: high
+ reference: https://redis.io/topics/security
+ tags: network,redis
+
+network:
+ - inputs:
+ - data: "info\r\nquit\r\n"
+
+ host:
+ - "{{Hostname}}"
+ read-size: 2048
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "redis_version"
+ - type: word
+ negative: true
+ words:
+ - "redis_mode:sentinel"
\ No newline at end of file
diff --git a/network/exposed-zookeeper.yaml b/network/exposed-zookeeper.yaml
new file mode 100644
index 0000000000..cb9cf1dd71
--- /dev/null
+++ b/network/exposed-zookeeper.yaml
@@ -0,0 +1,21 @@
+id: exposed-zookeeper
+
+info:
+ name: ZooKeeper Unauth Server
+ author: pd-team
+ severity: high
+ reference: https://zookeeper.apache.org/security.html
+ tags: network,zookeeper
+
+network:
+ - inputs:
+ - data: "envi\r\nquit\r\n"
+
+ host:
+ - "{{Hostname}}"
+ read-size: 2048
+
+ matchers:
+ - type: word
+ words:
+ - "zookeeper.version"
\ No newline at end of file
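Review bot: In network/exposed-redis.yaml the negative `redis_mode:sentinel` matcher is unexplained and the `info:` block has no `description`, so someone triaging a `severity: high` hit cannot tell what was verified or why Sentinel is left out. I would add `description: "The server answers INFO without AUTH; set requirepass or an ACL and restrict the listening address."` under `info:`. I would also put a comment above the negative matcher, for example `# Sentinel also answers INFO; excluded here (presumably handled separately - confirm)`. network/mongodb-unauth.yaml is also `severity: high` with no `description` and would benefit from the same treatment.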
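Review bot: The single matcher on `zookeeper.version` in network/exposed-zookeeper.yaml only proves that the `envi` four-letter command is answered, which is less than the name `ZooKeeper Unauth Server` and `severity: high` claim. Nothing in the template reads a znode or checks ACLs, so a hit is an environment disclosure until someone follows it up. I would either lower the severity or add `description: "Server answers the envi four-letter command without authentication; znode access is not tested."`, and mention `4lw.commands.whitelist` there as the setting that restricts these commands.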
diff --git a/network/memcached-stats.yaml b/network/memcached-stats.yaml
new file mode 100644
index 0000000000..e6e831c8c1
--- /dev/null
+++ b/network/memcached-stats.yaml
@@ -0,0 +1,20 @@
+id: memcached-stats
+
+info:
+ name: Memcached stats disclosure
+ author: pd-team
+ severity: low
+ tags: network,memcached
+
+network:
+ - inputs:
+ - data: "stats\r\n\r\nquit\r\n"
+
+ host:
+ - "{{Hostname}}"
+ read-size: 2048
+
+ matchers:
+ - type: word
+ words:
+ - "STAT "
\ No newline at end of file
diff --git a/network/mongodb-detect.yaml b/network/mongodb-detect.yaml
new file mode 100644
index 0000000000..da8deba9c4
--- /dev/null
+++ b/network/mongodb-detect.yaml
@@ -0,0 +1,23 @@
+id: mongodb-detect
+
+info:
+ name: MongoDB Detection
+ author: pd-team
+ severity: info
+ reference: https://github.com/orleven/Tentacle
+ tags: network,mongodb
+
+network:
+ - inputs:
+ - data: 3a000000a741000000000000d40700000000000061646d696e2e24636d640000000000ffffffff130000001069736d6173746572000100000000
+ type: hex
+
+ host:
+ - "{{Hostname}}"
+ read-size: 2048
+
+ matchers:
+ - type: word
+ words:
+ - "logicalSessionTimeout"
+ - "localTime"
\ No newline at end of file
diff --git a/network/mongodb-unauth.yaml b/network/mongodb-unauth.yaml
new file mode 100644
index 0000000000..a8febc3c70
--- /dev/null
+++ b/network/mongodb-unauth.yaml
@@ -0,0 +1,21 @@
+id: mongodb-unauth
+
+info:
+ name: Unauth MongoDB Disclosure
+ author: pd-team
+ severity: high
+ reference: https://github.com/orleven/Tentacle
+ tags: network,mongodb
+
+network:
+ - inputs:
+ - data: 480000000200000000000000d40700000000000061646d696e2e24636d6400000000000100000021000000026765744c6f670010000000737461727475705761726e696e67730000
+ type: hex
+
+ host:
+ - "{{Hostname}}"
+ read-size: 2048
+ matchers:
+ - type: word
+ words:
+ - "totalLinesWritten"
\ No newline at end of file
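Review bot: The lone word `"STAT "` in network/memcached-stats.yaml is a weak fingerprint, because any service whose reply contains that five-character string is reported as Memcached. A real `stats` reply starts with several fixed lines, so the matcher can require two of them together: `words: ["STAT pid", "STAT version"]` with `condition: and`. Both lines sit near the top of the reply, so they should fall inside the 2048-byte `read-size`. The `info:` block also has no `reference`, unlike the other four templates in this commit.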
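Review bot: The `data:` hex blob in network/mongodb-detect.yaml has no comment saying what it sends, and network/mongodb-unauth.yaml has the same gap, so a reviewer has to decode the bytes to confirm the probe is read-only. Decoded, this one is an OP_QUERY on `admin.$cmd` carrying `{ismaster: 1}` and the other carries `{getLog: "startupWarnings"}`. I would add `# OP_QUERY admin.$cmd {ismaster: 1}` and `# OP_QUERY admin.$cmd {getLog: "startupWarnings"}` above the respective `data:` lines. The two `words` here are also joined by the default `or`; if that is deliberate, to cover servers that do not return `logicalSessionTimeout`, a one-line comment saying so would stop someone tightening it later.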