43 lines
1.3 KiB
YAML
43 lines
1.3 KiB
YAML
id: erlang-daemon
|
|
|
|
info:
|
|
name: Erlang Port Mapper Daemon
|
|
author: pussycat0x,daffainfo
|
|
severity: low
|
|
description: |
|
|
The erlang port mapper daemon is used to coordinate distributed erlang instances. His job is to keep track of which node name listens on which address. Hence, epmd map symbolic node names to machine addresses.
|
|
reference:
|
|
- https://nmap.org/nsedoc/scripts/epmd-info.html
|
|
- https://book.hacktricks.xyz/network-services-pentesting/4369-pentesting-erlang-port-mapper-daemon-epmd
|
|
- https://medium.com/@_sadshade/couchdb-erlang-and-cookies-rce-on-default-settings-b1e9173a4bcd
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
shodan-query: product:"Erlang Port Mapper Daemon"
|
|
tags: demon,enum,erlang,epmd,network,misconfig,tcp
|
|
tcp:
|
|
- inputs:
|
|
- data: "\x00\x01\x6e"
|
|
|
|
host:
|
|
- "{{Hostname}}"
|
|
port: 4369
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "HTTP/1.1"
|
|
negative: true
|
|
|
|
- type: word
|
|
words:
|
|
- "name"
|
|
- "at port"
|
|
condition: and
|
|
|
|
extractors:
|
|
- type: regex
|
|
regex:
|
|
- 'name (.*?) at port ([0-9]+)'
|
|
# digest: 4b0a00483046022100f94aa4a5746bd22235cbc0684ceb4233b9d6e9a13b4773aeff41aadf9e52e552022100b0e666dec59f22fb72b3be096ce1a731d313d4f59ec423305f134626a49ff696:922c64590222798bb761d5b6d8e72950 |