John R. BondNMAP:HADOOP-DATANODE-INFO.NSEhadoop-datanode-info NSE Script
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%
Discovers information such as log directories from an Apache Hadoop DataNode HTTP status page.
Information gathered:
- Log directory (relative to <http://host:port/>)
Script Arguments
slaxml.debug
See the documentation for the slaxml library.
http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent
See the documentation for the http library.
smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername
See the documentation for the smbauth library.
Example Usage
nmap --script hadoop-datanode-info.nse -p 50075 host
Script Output
PORT STATE SERVICE REASON
50075/tcp open hadoop-datanode syn-ack
| hadoop-datanode-info:
|_ Logs: /logs/
Requires
local http = require "http"
local nmap = require "nmap"
local shortport = require "shortport"
local stdnse = require "stdnse"
description = [[
Discovers information such as log directories from an Apache Hadoop DataNode
HTTP status page.
Information gathered:
* Log directory (relative to http://host:port/)
]]
---
-- @usage
-- nmap --script hadoop-datanode-info.nse -p 50075 host
--
-- @output
-- PORT STATE SERVICE REASON
-- 50075/tcp open hadoop-datanode syn-ack
-- | hadoop-datanode-info:
-- |_ Logs: /logs/
--
-- @xmloutput
-- <elem key="Logs">/logs/</elem>
author = "John R. Bond"
license = "Simplified (2-clause) BSD license--See https://nmap.org/svn/docs/licenses/BSD-simplified"
categories = {"default", "discovery", "safe"}
portrule = function(host, port)
-- Run for the special port number, or for any HTTP-like service that is
-- not on a usual HTTP port.
return shortport.port_or_service({50075}, "hadoop-datanode")(host, port)
or (shortport.service(shortport.LIKELY_HTTP_SERVICES)(host, port) and not shortport.portnumber(shortport.LIKELY_HTTP_PORTS)(host, port))
end
action = function( host, port )
local result = stdnse.output_table()
local uri = "/browseDirectory.jsp"
stdnse.debug1("HTTP GET %s:%s%s", host.targetname or host.ip, port.number, uri)
local response = http.get( host, port, uri )
stdnse.debug1("Status %s",response['status-line'] or "No Response")
if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then
local body = response['body']:gsub("%%","%%%%")
if body:match("([^][\"]+)\">Log") then
port.version.name = "hadoop-datanode"
port.version.product = "Apache Hadoop"
nmap.set_port_version(host, port)
local logs = body:match("([^][\"]+)\">Log")
stdnse.debug1("Logs %s",logs)
result["Logs"] = logs
end
end
if #result > 0 then
return result
end
end
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%