Adding multiple scripts for Hadoop components #620

Closed
wants to merge 1 commit into
from

Conversation

Projects
None yet
3 participants

maaaaz commented Dec 20, 2016

Hello dear Nmap crew,

I made some discovery scripts for common Hadoop and "Big Data" components as it can be a challenge to correctly map the attack surface among all these services.

Cheers.

@maaaaz Thanks for these! Simple HTTP application discovery scripts like this can usually be rewritten as fingerprints for http-enum. Check out the nselib/data/http-fingerprints.lua file to see how this is done.

@dmiller-nmap The same code, rewritten as fingerprints.

-- Apache Ambari Web UI
table.insert(fingerprints, {
    category = 'info',
    probes = {
      {
        path = '/',
        method = 'GET'
      },
    },
    matches = {
      {
        match = '<title>Ambari</title>',
        output = 'Apache Ambari WebUI'
      }
    }
  });

-- Apache Oozie Web Console
table.insert(fingerprints, {
    category = 'info',
    probes = {
      {
        path = '/oozie/',
        method = 'GET'
      },
    },
    matches = {
      {
        match = '<title>Oozie Web Console</title>',
        output = 'Apache Oozie Web Console'
      }
    }
  });

-- Apache Ranger Web UI
table.insert(fingerprints, {
    category = 'info',
    probes = {
      {
        path = '/logn.jsp',
        method = 'GET'
      },
    },
    matches = {
      {
        match = '<title>%s*Ranger %- Sign In%s*</title>',
        output = 'Apache Ranger WebUI'
      }
    }
  });

-- Cloudera Hue
table.insert(fingerprints, {
    category = 'info',
    probes = {
      {
        path = '/about/',
        method = 'GET'
      },
    },
    matches = {
      {
        match = 'Hue&trade;%s(.-)%s[-]%s<a href="http://gethue.com"',
        output = 'Cloudera Hue \\1'
      }
    }
  });

-- Cloduera Manager login page
table.insert(fingerprints, {
    category = 'info',
    probes = {
      {
        path = '/cmf/login',
        method = 'GET'
      },
    },
    matches = {
      {
        match = 'clouderaManager.*version:%s'(.-)'',
        output = 'Cloudera Manager version \\1 '
      }
    }
  });

-- Hadoop MapReduce JobHistory WebUI
table.insert(fingerprints, {
    category = 'info',
    probes = {
      {
        path = '/jobhistory',
        method = 'GET'
      },
    },
    matches = {
      {
        match = '<title>%s*JobHistory%s*</title>',
        output = 'Hadoop MapReduce JobHistory WebUI'
      }
    }
  });

-- Hadoop YARN Resource Manager
table.insert(fingerprints, {
    category = 'info',
    probes = {
      {
        path = '/cluster/cluster',
        method = 'GET'
      },
    },
    matches = {
      {
        match = 'ResourceManager state:.-<td>%s*(.-)%s*</td>',
        output = 'Hadoop YARN Resource Manager state \\1'
      },
      {
        match = 'ResourceManager version:.-<td>%s*(.-)%s*</td>',
        output = 'Hadoop YARN Resource Manager version \\1'
      },
      {
        match = 'Hadoop version:.-<td>%s*(.-)%s*</td>'
        output = 'Hadoop Version \\1'
      }
    }
  });
  
-- Hadoop Node Resource Manager
table.insert(fingerprints, {
    category = 'info',
    probes = {
      {
        path = '/node',
        method = 'GET'
      },
    },
    matches = {
      {
        match = '<h3>%s*NodeManager%s*</h3>',
        output = 'Hadoop YARN Node Manager WebUI'
      },
      {
        match = 'Node Manager Version:.-<td>%s*(.-)%s*</td>',
        output = 'Hadoop YARN Node Manager version \\1'
      },
      {
        match = 'Hadoop Version:.-<td>%s*(.-)%s*</td>'
        output = 'Hadoop Version \\1'
      }
    }
  });

maaaaz commented Feb 13, 2017

@Varunram: cool thank you !

Varunram referenced this pull request Mar 1, 2017

Closed

Add Hadoop Fingerprints #715

nmap-bot closed this in fe622e1 Mar 4, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment