44 lines
1.3 KiB
YAML
44 lines
1.3 KiB
YAML
id: redis-require-auth
|
|
|
|
info:
|
|
name: Redis Require Authentication - Detect
|
|
author: DhiyaneshDK
|
|
severity: info
|
|
description: |
|
|
IsAuthenticated checks if the redis server requires authentication
|
|
reference:
|
|
- https://docs.projectdiscovery.io/templates/protocols/javascript/modules/redis#isauthenticated
|
|
metadata:
|
|
max-request: 1
|
|
shodan-query:
|
|
- product:"redis"
|
|
- http.title:"airflow - dags" || http.html:"apache airflow"
|
|
- http.title:"sign in - airflow"
|
|
product: airflow
|
|
vendor: apache
|
|
fofa-query:
|
|
- apache airflow
|
|
- title="airflow - dags" || http.html:"apache airflow"
|
|
- title="sign in - airflow"
|
|
google-query:
|
|
- intitle:"airflow - dags" || http.html:"apache airflow"
|
|
- intitle:"sign in - airflow"
|
|
tags: js,redis,network,enum
|
|
|
|
javascript:
|
|
- pre-condition: |
|
|
isPortOpen(Host,Port);
|
|
code: |
|
|
const redis = require('nuclei/redis');
|
|
const isAuthenticated = redis.IsAuthenticated(Host,Port);
|
|
Export(isAuthenticated);
|
|
|
|
args:
|
|
Host: "{{Host}}"
|
|
Port: "6379"
|
|
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- "success == true"
|
|
# digest: 4a0a00473045022100fd94f40e9e057e45f7164d2c23055cd280cd5ecf2d7079066c7b26185bdc140f02201c0797b3ee67e0b6fdef347fb52715c0c310bf79b1ad11eb6d138576908601a4:922c64590222798bb761d5b6d8e72950 |