# Nuclei template: reports an Apache Kvrocks instance that returns its server
# info to a client that has not supplied any credentials.
id: apache-kvrocks-exposed

info:
  name: Apache Kvrocks - Exposed
  author: icarot
  severity: high
  description: |
    Detects if an Apache Kvrocks server is exposed with no authentication credentials, this application is a distributed key value NoSQL database that uses RocksDB as storage engine and is compatible with Redis protocol.
  reference:
    - https://github.com/apache/kvrocks
  # NOTE(review): no remediation field is present. For a finding like this,
  # operators usually need to require a password and restrict which
  # interfaces the service binds to; consider stating that here.
  metadata:
    verified: true
    # A single request is sent per target.
    max-request: 1
  tags: apache,kvrocks,network,unauth,js,exposed
javascript:
  # Skip the probe entirely unless the TCP port accepts connections.
  - pre-condition: |
      isPortOpen(Host,Port);
    # Requests the server info with only host and port, i.e. no password is
    # sent, and exports the reply so the matchers and extractors can read it.
    code: |
      const redis = require('nuclei/redis');
      const info = redis.GetServerInfo(Host,Port);
      Export(info);
    args:
      Host: '{{Host}}'
      # NOTE(review): only the Redis default port is probed. The sample
      # configuration shipped with Kvrocks listens on 6666, so instances on
      # that port would not be reported. Confirm the intended coverage.
      Port: '6379'
    # With a single matcher below, "and" has no additional effect.
    matchers-condition: and
    matchers:
      # Any one Kvrocks-specific field name in the reply is enough to match.
      # Presumably a server that enforces authentication returns an error
      # without these fields, so a match implies unauthenticated access;
      # verify against a password-protected instance.
      - type: word
        words:
          - 'kvrocks_version'
          - 'kvrocks_git_sha1'
          - 'kvrocks_mode'
        condition: or
    extractors:
      # Surfaces the version, build hash and mode in the finding so that
      # triage can identify the affected build.
      - type: regex
        part: response
        regex:
          - 'kvrocks_version:[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
          - 'kvrocks_git_sha1:\w+'
          # Only the literal value "standalone" is extracted; any other mode
          # value still matches above but is not shown in the output.
          - 'kvrocks_mode:standalone'
# digest: 4a0a00473045022100d040b084def2f6406f801a9bb7000e7b50884ec0ad9d1f479b42407f894a8d400220298c583c3b4c96924e108841f77131405d74b4ab7295f054abdd5cc9e777f9a3:922c64590222798bb761d5b6d8e72950