Create mongodb_scanner.go
Adding mongodb checks. Mongodb is often not password protected, leaving databases exposed. Additionally, mongodb can reveal identifying information about the host.
parent
5b0e733da3
commit
4874bee930
|
@ -53,7 +53,11 @@ func (os *OnionScan) Scan(hiddenService string) (*report.OnionScanReport, error)
|
||||||
smps := new(protocol.SMTPProtocolScanner)
|
smps := new(protocol.SMTPProtocolScanner)
|
||||||
smps.ScanProtocol(hiddenService, os.Config, report)
|
smps.ScanProtocol(hiddenService, os.Config, report)
|
||||||
|
|
||||||
if !report.WebDetected && !report.SSHDetected && !report.RicochetDetected && !report.BitcoinDetected && !report.IRCDetected && !report.FTPDetected && !report.SMTPDetected {
|
//MongoDb
|
||||||
|
mdbps := new(protocol.MongoDBProtocolScanner)
|
||||||
|
mdbps.ScanProtocol(hiddenService, os.Config, report)
|
||||||
|
|
||||||
|
if !report.WebDetected && !report.SSHDetected && !report.RicochetDetected && !report.BitcoinDetected && !report.IRCDetected && !report.FTPDetected && !report.SMTPDetected && !report.MongoDBDetected {
|
||||||
fmt.Printf("Unable to connect to this Tor Hidden Service on any known protocol.\n")
|
fmt.Printf("Unable to connect to this Tor Hidden Service on any known protocol.\n")
|
||||||
return nil, errors.New("Unable to connect to this Tor Hidden Service on any known protocol.")
|
return nil, errors.New("Unable to connect to this Tor Hidden Service on any known protocol.")
|
||||||
}
|
}
|
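Review bot: The reachability condition on the `if !report.WebDetected && ...` line now lists eight flags by hand and has to be edited every time a scanner is added; a flag left out makes Scan return "Unable to connect to this Tor Hidden Service on any known protocol." for a service that answered only on the new protocol. A comment above the condition would make that dependency visible: `// Every *Detected flag must be listed here, or a service reachable only on that protocol is reported as unreachable.` The new marker comment `//MongoDb` would also read more consistently as `// MongoDB`, matching the spelling used in the scanner file. Scan's body starts and ends outside this hunk, so the other scanner calls are not visible here.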
||||||
|
|
|
@ -0,0 +1,26 @@
|
||||||
|
package protocol
|
||||||
|
|
||||||
|
import (
|
||||||
|
"github.com/s-rah/onionscan/config"
|
||||||
|
"github.com/s-rah/onionscan/report"
|
||||||
|
"h12.me/socks"
|
||||||
|
"log"
|
||||||
|
)
|
||||||
|
|
||||||
|
type MongoDBProtocolScanner struct {
|
||||||
|
}
|
||||||
|
|
||||||
|
func (rps *MongoDBProtocolScanner) ScanProtocol(hiddenService string, onionscanConfig *config.OnionscanConfig, report *report.OnionScanReport) {
|
||||||
|
// MongoDB
|
||||||
|
log.Printf("Checking %s MongoDB(27017)\n", hiddenService)
|
||||||
|
_, err := socks.DialSocksProxy(socks.SOCKS5, onionscanConfig.TorProxyAddress)("", hiddenService+":27017")
|
||||||
|
if err != nil {
|
||||||
|
log.Printf("Failed to connect to service on port 27017\n")
|
||||||
|
report.MongoDBDetected = false
|
||||||
|
} else {
|
||||||
|
log.Printf("Detected possible MongoDB instance\n")
|
||||||
|
// TODO: Actual Analysis
|
||||||
|
report.MongoDBDetected = true
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
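Review bot: The connection returned by the dial on the `_, err := socks.DialSocksProxy(...)` line is discarded, so on the success path the socket opened through the Tor proxy is never closed. Keep the handle and release it, e.g. `conn, err := socks.DialSocksProxy(socks.SOCKS5, onionscanConfig.TorProxyAddress)("", hiddenService+":27017")` with `defer conn.Close()` as the first statement of the else branch. Separately, `report.MongoDBDetected = true` is set on a bare TCP connect, so until the `// TODO: Actual Analysis` is done the field only means that port 27017 accepted a connection, not that the service speaks MongoDB or is unauthenticated. A comment such as `// MongoDBDetected only records that port 27017 accepted a connection; the protocol is not verified yet.` would keep report consumers from reading it as a confirmed exposed database. The receiver name `rps` does not match the type and looks carried over from another scanner.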
|
@ -25,6 +25,7 @@ type OnionScanReport struct {
|
||||||
SMTPDetected bool `json:"smtpDetected"`
|
SMTPDetected bool `json:"smtpDetected"`
|
||||||
|
|
||||||
BitcoinDetected bool `json:"bitcoinDetected"`
|
BitcoinDetected bool `json:"bitcoinDetected"`
|
||||||
|
MongoDBDetected bool `json:"mongodbDetected"`
|
||||||
|
|
||||||
HiddenService string `json:"hiddenService"`
|
HiddenService string `json:"hiddenService"`
|
||||||
ServerPoweredBy string `json:"serverPoweredBy"`
|
ServerPoweredBy string `json:"serverPoweredBy"`
|
||||||
|
|