Apache ZooKeeper - Unauthenticated Access

ID: exposed-zookeeper

Severity: high

Author: pdteam

Tags: network,zookeeper,unauth,exposure,tcp

Description

Apache ZooKeeper was able to be accessed without any required authentication.

YAML Source

id: exposed-zookeeper

info:
  name: Apache ZooKeeper - Unauthenticated Access
  author: pdteam
  severity: high
  description: Apache ZooKeeper was able to be accessed without any required authentication.
  reference:
    - https://zookeeper.apache.org/security.html
  metadata:
    max-request: 1
  tags: network,zookeeper,unauth,exposure,tcp

tcp:
  - inputs:
      - data: "envi\r\nquit\r\n"

    host:
      - "{{Hostname}}"
    port: 2181
    read-size: 2048

    matchers:
      - type: word
        words:
          - "zookeeper.version"
# digest: 490a0046304402201f3b10c29fa1cd3d672e47a1ee0ba3e03ad1cb39c48e79402cd9f95be773584102201e8c95b99057a1d116218a6528bfdec925523bb7946f6882c3ca4576c27cb3ab:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "network/exposures/exposed-zookeeper.yaml"

View on Github