From 683198af0a3ea732d763a06c72f0fc82a366c950 Mon Sep 17 00:00:00 2001
From: Thomas Hendrickson
Date: Mon, 18 Dec 2023 12:56:59 -0500
Subject: [PATCH] detect redis over tls

---
 pkg/plugins/services/redis/redis.go | 41 ++++++++++++++++++++++++++++-
 pkg/plugins/types.go | 11 ++++++++
 2 files changed, 51 insertions(+), 1 deletion(-)

diff --git a/pkg/plugins/services/redis/redis.go b/pkg/plugins/services/redis/redis.go
index c4c10f9..a447202 100644
--- a/pkg/plugins/services/redis/redis.go
+++ b/pkg/plugins/services/redis/redis.go
@@ -24,12 +24,14 @@ import (
 )

 type REDISPlugin struct{}
+type REDISTLSPlugin struct{}

 type Info struct {
 AuthRequired bool
 }

 const REDIS = "redis"
+const REDISTLS = "redistls"

 // Check if the response is from a Redis server
 // returns an error if it's not validated as a Redis server
@@ -70,13 +72,29 @@ func checkRedis(data []byte) (Info, error) {

 func init() {
 plugins.RegisterPlugin(&REDISPlugin{})
+ plugins.RegisterPlugin(&REDISTLSPlugin{})
 }

 func (p *REDISPlugin) PortPriority(port uint16) bool {
 return port == 6379
 }

-func (p *REDISPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.Target) (*plugins.Service, error) {
+func (p *REDISTLSPlugin) PortPriority(port uint16) bool {
+ return port == 6380
+}
+
+func (p *REDISTLSPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.Target) (*plugins.Service, error) {
+ result, err := DetectRedis(conn, timeout)
+ if err != nil {
+ return nil, err
+ }
+ payload := plugins.ServiceRedisTLS{
+ AuthRequired: result.AuthRequired,
+ }
+ return plugins.CreateServiceFrom(target, payload, true, "", plugins.TCPTLS), nil
+}
+
+func DetectRedis(conn net.Conn, timeout time.Duration) (*Info, error) {
 //https://redis.io/commands/ping/
 // PING is a supported command since 1.0.0
 // [*1(CR)(NL)$4(CR)(NL)PING(CR)(NL)]
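Review bot: `DetectRedis` can return `(nil, nil)`, yet the new `REDISTLSPlugin.Run` reads `result.AuthRequired` after checking only `err`. The `if err != nil { return nil, nil }` path is visible as context in the `@@ -109,6 +127,15 @@` hunk, directly above the added `return &result, nil`, and the rewritten `REDISPlugin.Run` in that hunk follows the same pattern. Before this change that path returned from `Run` itself and meant "no match"; now a peer that does not answer like Redis looks like it would trigger a nil-pointer panic in either plugin, and the peer's response is untrusted input to the scanner. Guard both callers with `if err != nil || result == nil { return nil, err }`. The body of `DetectRedis` continues outside this hunk, so any other early returns there need the same check.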
@@ -109,6 +127,15 @@ func (p *REDISPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.T
 if err != nil {
 return nil, nil
 }
+
+ return &result, nil
+}
+
+func (p *REDISPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.Target) (*plugins.Service, error) {
+ result, err := DetectRedis(conn, timeout)
+ if err != nil {
+ return nil, err
+ }
 payload := plugins.ServiceRedis{
 AuthRequired: result.AuthRequired,
 }
@@ -119,10 +146,22 @@ func (p *REDISPlugin) Name() string {
 return REDIS
 }

+func (p *REDISTLSPlugin) Name() string {
+ return REDISTLS
+}
+
 func (p *REDISPlugin) Type() plugins.Protocol {
 return plugins.TCP
 }

+func (p *REDISTLSPlugin) Type() plugins.Protocol {
+ return plugins.TCPTLS
+}
+
 func (p *REDISPlugin) Priority() int {
 return 413
 }
+
+func (p *REDISTLSPlugin) Priority() int {
+ return 414
+}
diff --git a/pkg/plugins/types.go b/pkg/plugins/types.go
index 6d12926..b4b2849 100644
--- a/pkg/plugins/types.go
+++ b/pkg/plugins/types.go
@@ -65,6 +65,7 @@ const (
 ProtoRDP = "rdp"
 ProtoRPC = "rpc"
 ProtoRedis = "redis"
+ ProtoRedisTLS = "redistls"
 ProtoRsync = "rsync"
 ProtoRtsp = "rtsp"
 ProtoSMB = "smb"
@@ -113,6 +114,10 @@ func (e Service) Metadata() Metadata {
 var p ServiceRedis
 _ = json.Unmarshal(e.Raw, &p)
 return p
+ case ProtoRedisTLS:
+ var p ServiceRedisTLS
+ _ = json.Unmarshal(e.Raw, &p)
+ return p
 case ProtoHTTP:
 var p ServiceHTTP
 _ = json.Unmarshal(e.Raw, &p)
@@ -402,6 +407,12 @@ type ServiceRedis struct {

 func (e ServiceRedis) Type() string { return ProtoRedis }

+type ServiceRedisTLS struct {
+ AuthRequired bool `json:"authRequired:"`
+}
+
+func (e ServiceRedisTLS) Type() string { return ProtoRedisTLS }
+
 type ServiceFTP struct {
 Banner string `json:"banner"`
 AnonymousLogin bool `json:"anonymousLogin"`
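Review bot: In the `@@ -402,6 +407,12 @@` hunk of `pkg/plugins/types.go`, the tag on `ServiceRedisTLS.AuthRequired` is `json:"authRequired:"`, so the serialized key ends in a colon. It may be copied from the existing `ServiceRedis` field, whose body is outside the hunk. Either way, a consumer that looks up `authRequired` would not find the value and could miss the one field that reports whether the instance accepts unauthenticated commands. If the colon is unintended, change the tag to `json:"authRequired"`. If it has to stay for compatibility with the existing Redis output, add a comment such as `// key keeps the trailing colon to match ServiceRedis output` so it is not "fixed" on one type only.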