infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add etcd version scanner docs

GSoC/Meterpreter_Web_Console
Jon Hart 2018-04-04 10:58:55 -07:00
parent a8c76638d3
commit c96bdf4ea1
No known key found for this signature in database
GPG Key ID: 2FA9F0A3AFA8E9D3
1 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
documentation/modules/auxiliary/scanner/etcd/version.md Normal file
View File

@ -0,0 +1,38 @@
## Vulnerable Application
etcd is a distributed reliable key-value store. It exposes and API from which you can obtain the version of etcd and related components.
### Docker
1. `docker run -p 2379:2379 miguelgrinberg/easy-etcd`
## Verification Steps
1. Install the application
2. Start msfconsole
3. Do: ```use auxiliary/scanner/etcd/version```
4. Do: ```set rhosts [IPs]```
5. Do: ```run```
6. You should get a JSON response for the version and the service identified in `services`.
## Scenarios
### etcd in Docker
```
msf5 > use auxiliary/scanner/etcd/version
msf5 auxiliary(scanner/etcd/version) > set RHOSTS localhost
RHOSTS => localhost
msf5 auxiliary(scanner/etcd/version) > run
[+] 127.0.0.1:2379 : {"etcdserver"=>"3.1.3", "etcdcluster"=>"3.1.0"}
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf5 auxiliary(scanner/etcd/version) > services
Services
========
host port proto name state info
---- ---- ----- ---- ----- ----
127.0.0.1 2379 tcp etcd open {"etcdserver"=>"3.1.3", "etcdcluster"=>"3.1.0"}
```