id: apache-dubbo-unauth

info:
  name: Apache Dubbo - Unauthenticated Access
  author: j4vaovo
  severity: high
  description: |
    Apache Dubbo Unauthenticated Access were detected.
  reference:
    - https://dubbo.apache.org/en/docs3-v2/java-sdk/advanced-features-and-usage/security/auth/
  metadata:
    verified: true
    max-request: 1
    fofa-query: apache dubbo
  tags: network,dubbo,apache,unauth,misconfig,tcp
tcp:
  - inputs:
      - data: "68656c700d0a"
        type: hex

    host:
      - "{{Hostname}}"
    port: 20880
    read-size: 2048

    matchers:
      - type: word
        words:
          - "trace [service] [method] [times]"
# digest: 4b0a00483046022100f3a7157dc55e13b7ebc065fbccfbc667d90574af2ad08551380e537e18fbeca2022100d9fa4c09461a6bc79359334a8ea328e5a23dc2fb9dcd3d261995f0b5b347f4b9:922c64590222798bb761d5b6d8e72950