Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add more ports to stage 7 #80

Closed
2 tasks done
woodruffw opened this issue Sep 9, 2020 · 7 comments
Closed
2 tasks done

Add more ports to stage 7 #80

woodruffw opened this issue Sep 9, 2020 · 7 comments
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Comments

@woodruffw
Copy link
Member

woodruffw commented Sep 9, 2020
edited
Loading

There are lots of other common development ports that we should check for, including (but not limited to):

  • 5000 (Flask and Kestrel's default port)
  • 9200 (Elasticsearch's REST API)
@woodruffw woodruffw added enhancement New feature or request help wanted Extra attention is needed good first issue Good for newcomers labels Sep 9, 2020
@UlrichBerntien
Copy link
Contributor

UlrichBerntien commented Sep 21, 2020
edited
Loading

I suggest adding the standard TCP ports of commonly used databases:

  • 1433 # Microsoft SQL Server
  • 3306 # MySQL and MariaDB
  • 3050 # Interbase, Firebird
  • 5432 # PostgreSQL
  • 6379 # Redis
  • 8086 # InfluxDB HTTP service
  • 8093 # Couchbase Query service REST traffic
  • 27017 # MongoDB
  • 33060 # MySQL X-Protocol

References:

For a complete port scan specialized tools like nmap should be used. I think to work out a tiny list of typical falsely open ports on web servers should be the aim for the twa script.

@woodruffw
Copy link
Member Author

That sounds good to me. I've been on the fence about which ports to add, since twa itself (mostly) sticks to HTTP(S)-only issues. But exposed SQL and KV services are a common enough issue that adding them seems reasonable to me.

@GatewayBit
Copy link
Contributor

@woodruffw
May I pickup this task?

@woodruffw
Copy link
Member Author

@GatewayBit go for it!

UlrichBerntien added a commit to UlrichBerntien/twa that referenced this issue Nov 20, 2020
@UlrichBerntien
add more ports to scan in stage 7, see issue trailofbits#80
b46a1a7
@UlrichBerntien UlrichBerntien mentioned this issue Nov 20, 2020
Merged
@UlrichBerntien
Copy link
Contributor

The issue is more than one month open. I add the ports now to the source.
@GatewayBit If this disturbs your work, please suggest to reject the pull request.

@GatewayBit
Copy link
Contributor

@UlrichBerntien Go ahead with this task. Thank you!

woodruffw pushed a commit that referenced this issue Nov 20, 2020
@UlrichBerntien
Add more ports to stage 7 (#85)
fc66ea8 
* add more ports to scan in stage 7, see issue #80

* add port number comment to message output

* fixed grammar nit: listen -> is listning

Co-authored-by: UlrichBerntien <UlrichBerntien@users.noreply.github.com>
@woodruffw
Copy link
Member Author

I think #85 covers the majority of the ports I had in mind, so I'm going to close this. We can address additional ports/changes in subsequent issues and PRs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@woodruffw @GatewayBit @UlrichBerntien