Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Auxiliary
7
  include Msf::Exploit::Remote::HttpClient
8
  include Msf::Auxiliary::Report
9
  include Msf::Auxiliary::Etcd
10
  include Msf::Auxiliary::Scanner
11

12
  def initialize
13
    super(
14
      'Name' => 'Etcd Version Scanner',
15
      'Description' => %q(
16
        This module connections to etcd API endpoints, typically on 2379/TCP, and attempts
17
        to obtain the version of etcd.
18
      ),
19
      'References' => [
20
        ['URL', 'https://gcollazo.com/the-security-footgun-in-etcd/']
21
      ],
22
      'Author' => [
23
        'Giovanni Collazo <[email protected]>', # discovery
24
        'Jon Hart <[email protected]>' # msf module
25
      ],
26
      'License' => MSF_LICENSE,
27
      'DisclosureDate' => "Mar 16 2018"
28
    )
29
  end
30

31
  def run_host(_target_host)
32
    if (banner = fingerprint_service(target_uri.to_s))
33
      print_good("#{peer}: #{banner}")
34
    end
35
  end
36
end
37

38