detect redis over tls

praetorian-inc · Dec 18, 2023 · 683198a · 683198a
1 parent f716710
commit 683198a
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 1 deletion.
diff --git a/pkg/plugins/services/redis/redis.go b/pkg/plugins/services/redis/redis.go
@@ -24,12 +24,14 @@ import (
 )
 
 type REDISPlugin struct{}
+type REDISTLSPlugin struct{}
 
 type Info struct {
 	AuthRequired bool
 }
 
 const REDIS = "redis"
+const REDISTLS = "redistls"
 
 // Check if the response is from a Redis server
 // returns an error if it's not validated as a Redis server
@@ -70,13 +72,29 @@ func checkRedis(data []byte) (Info, error) {
 
 func init() {
 	plugins.RegisterPlugin(&REDISPlugin{})
+	plugins.RegisterPlugin(&REDISTLSPlugin{})
 }
 
 func (p *REDISPlugin) PortPriority(port uint16) bool {
 	return port == 6379
 }
 
-func (p *REDISPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.Target) (*plugins.Service, error) {
+func (p *REDISTLSPlugin) PortPriority(port uint16) bool {
+	return port == 6380
+}
+
+func (p *REDISTLSPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.Target) (*plugins.Service, error) {
+	result, err := DetectRedis(conn, timeout)
+	if err != nil {
+		return nil, err
+	}
+	payload := plugins.ServiceRedisTLS{
+		AuthRequired: result.AuthRequired,
+	}
+	return plugins.CreateServiceFrom(target, payload, true, "", plugins.TCPTLS), nil
+}
+
+func DetectRedis(conn net.Conn, timeout time.Duration) (*Info, error) {
 	//https://redis.io/commands/ping/
 	// PING is a supported command since 1.0.0
 	// [*1(CR)(NL)$4(CR)(NL)PING(CR)(NL)]
@@ -109,6 +127,15 @@ func (p *REDISPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.T
 	if err != nil {
 		return nil, nil
 	}
+
+	return &result, nil
+}
+
+func (p *REDISPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.Target) (*plugins.Service, error) {
+	result, err := DetectRedis(conn, timeout)
+	if err != nil {
+		return nil, err
+	}
 	payload := plugins.ServiceRedis{
 		AuthRequired: result.AuthRequired,
 	}
@@ -119,10 +146,22 @@ func (p *REDISPlugin) Name() string {
 	return REDIS
 }
 
+func (p *REDISTLSPlugin) Name() string {
+	return REDISTLS
+}
+
 func (p *REDISPlugin) Type() plugins.Protocol {
 	return plugins.TCP
 }
 
+func (p *REDISTLSPlugin) Type() plugins.Protocol {
+	return plugins.TCPTLS
+}
+
 func (p *REDISPlugin) Priority() int {
 	return 413
 }
+
+func (p *REDISTLSPlugin) Priority() int {
+	return 414
+}
diff --git a/pkg/plugins/types.go b/pkg/plugins/types.go
@@ -65,6 +65,7 @@ const (
 	ProtoRDP        = "rdp"
 	ProtoRPC        = "rpc"
 	ProtoRedis      = "redis"
+	ProtoRedisTLS   = "redistls"
 	ProtoRsync      = "rsync"
 	ProtoRtsp       = "rtsp"
 	ProtoSMB        = "smb"
@@ -113,6 +114,10 @@ func (e Service) Metadata() Metadata {
 		var p ServiceRedis
 		_ = json.Unmarshal(e.Raw, &p)
 		return p
+	case ProtoRedisTLS:
+		var p ServiceRedisTLS
+		_ = json.Unmarshal(e.Raw, &p)
+		return p
 	case ProtoHTTP:
 		var p ServiceHTTP
 		_ = json.Unmarshal(e.Raw, &p)
@@ -402,6 +407,12 @@ type ServiceRedis struct {
 
 func (e ServiceRedis) Type() string { return ProtoRedis }
 
+type ServiceRedisTLS struct {
+	AuthRequired bool `json:"authRequired:"`
+}
+
+func (e ServiceRedisTLS) Type() string { return ProtoRedisTLS }
+
 type ServiceFTP struct {
 	Banner         string `json:"banner"`
 	AnonymousLogin bool   `json:"anonymousLogin"`