nuclei-templates/network/detect-rsyncd.yaml

32 lines
672 B
YAML

id: detect-rsyncd
info:
name: Detect rsyncd
author: vsh00t,geeknik
severity: info
description: |
Rsync is a fast and extraordinarily versatile file copying tool. It can copy locally, to/from another host over any remote shell, or to/from a remote rsync daemon.
reference:
- https://linux.die.net/man/1/rsync
tags: network,rsyncd
network:
- inputs:
- data: "?\r\n"
host:
- "{{Hostname}}"
- "{{Host}}:873"
matchers:
- type: word
words:
- "RSYNCD: "
- "ERROR: protocol startup error"
condition: and
extractors:
- type: regex
regex:
- 'RSYNCD: \d\d.\d'