Add Memcached amplification scanner #9644
Conversation
Use drdos mixin for memcached amp module
| ]) | ||
| end | ||
|
|
||
| def rport |
There was a problem hiding this comment.
This is already present in UDPScanner. Remove.
| @memcached_probe = "\x00\x00\x00\x00\x00\x01\x00\x00stats\r\n" | ||
| end | ||
|
|
||
| def scanner_prescan(batch) |
There was a problem hiding this comment.
This largely already exists in UDPScanner. Remove.
| @results = {} | ||
| end | ||
|
|
||
| def scan_host(ip) |
There was a problem hiding this comment.
If you define build_probe, this method can go away as it duplicates what is already in UDPScanner
|
I've submitted a PR to fix the UDPScanner duplication as https://github.com/xistence/metasploit-framework/pull/2. Now for some docs. |
|
|
||
| def scanner_process(data, shost, sport) | ||
| # Check the response data for a "STAT" repsonse | ||
| if data =~/\x00\x00\x00\x00\x00\x01\x00\x00STAT\x20/ |
There was a problem hiding this comment.
This will miss multi-packet responses. Will PR a fix.
|
@xistence I've submitted https://github.com/xistence/metasploit-framework/pull/2 to fix the various issues I've pointed out. |
|
@xistence when you get a chance, please take a look at xistence#2 -- I believe that will address all concerns raised so far. Thanks for you contribution! |
Simplify memcached amplification scanner to use UDPScanner for most of the work
|
@jhart-r7 verified all the changes and still works perfectly :) |
|
Landed. Thanks again @xistence. |
Release NotesThe auxiliary/scanner/memcached/memcached_amp module has been added to the framework. It scans Memcached instances for UDP amplification possibilities using a "stats" request packet. |
This module will scan Memcached instances for UDP amplification possibilities using a "stats" request packet.
All details for reproducing and testing are in the provided documentation.