When I tried it against a live target, I got the following JSON output:
{
"scanStatus": "PARTIALLY_SUCCEEDED",
"scanStartTimestamp": "2020-07-09T03:35:32.611Z",
"scanDuration": "45.315s",
"fullDetectionReports": {
},
"statusMessage": "Failed plugins:\n/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/NcrackWeakCredentialDetectorPlugin/0.1\n/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/WordPressInstallPageDetector/0.1"
}
NcrackWeakCredentialDetectorPlugin and WordPressInstallPageDetector failed, but I don't know why.
This is the console output:
(...)
Jul 10, 2020 1:00:33 AM com.google.tsunami.workflow.DefaultScanningWorkflow fingerprintNetworkServices
INFO: Port scanning phase done, moving to service fingerprinting phase with '0' fingerprinter(s) selected.
Jul 10, 2020 1:00:34 AM com.google.tsunami.workflow.DefaultScanningWorkflow detectVulnerabilities
INFO: Service fingerprinting phase done, moving to vuln detection phase.
Jul 10, 2020 1:00:34 AM com.google.tsunami.plugins.detectors.credentials.ncrack.NcrackWeakCredentialDetector detect
INFO: Starting weak credential detection using ncrack.
Jul 10, 2020 1:00:34 AM com.google.tsunami.plugins.detectors.exposedui.hadoop.yarn.YarnExposedManagerApiDetector detect
INFO: Starting unauthenticated Apache Yarn ResourceManager API detection
Jul 10, 2020 1:00:34 AM com.google.tsunami.plugins.detectors.exposedui.jenkins.JenkinsExposedUiDetector detect
INFO: Starting exposed ui detection for Jenkins
Jul 10, 2020 1:00:34 AM com.google.tsunami.plugins.detectors.exposedui.jupyter.JupyterExposedUiDetector detect
INFO: Starting exposed ui detection for Jupyter Notebook
Jul 10, 2020 1:00:34 AM com.google.tsunami.plugins.detectors.exposedui.wordpress.WordPressInstallPageDetector detect
INFO: Starting unfinished install page detection for WordPress.
Jul 10, 2020 1:00:34 AM com.google.tsunami.common.net.http.HttpClient send
INFO: Sending HTTP 'GET' request to 'http://xxx.xxx.xxx.xxx/terminals/1'.
Jul 10, 2020 1:00:34 AM com.google.tsunami.common.net.http.HttpClient send
INFO: Sending HTTP 'GET' request to 'http://xxx.xxx.xxx.xxx/cluster/cluster'.
Jul 10, 2020 1:00:34 AM com.google.tsunami.common.net.http.HttpClient send
INFO: Sending HTTP 'GET' request to 'http://xxx.xxx.xxx.xxx/view/all/newJob'.
Jul 10, 2020 1:00:34 AM com.google.tsunami.common.net.http.HttpClient send
INFO: Sending HTTP 'GET' request to 'http://xxx.xxx.xxx.xxx/wp-login.php'.
Jul 10, 2020 1:00:34 AM com.google.tsunami.common.net.http.HttpClient send
INFO: Sending HTTP 'GET' request to 'http://xxx.xxx.xxx.xxx/wp-admin/install.php?step=1'.
Jul 10, 2020 1:00:35 AM com.google.tsunami.common.net.http.HttpClient parseResponse
INFO: Received HTTP response with code '404' for request to 'http://xxx.xxx.xxx.xxx/view/all/newJob'.
Jul 10, 2020 1:00:35 AM com.google.tsunami.common.net.http.HttpClient parseResponse
INFO: Received HTTP response with code '404' for request to 'http://xxx.xxx.xxx.xxx/cluster/cluster'.
Jul 10, 2020 1:00:35 AM com.google.tsunami.common.net.http.HttpClient parseResponse
INFO: Received HTTP response with code '404' for request to 'http://xxx.xxx.xxx.xxx/terminals/1'.
Jul 10, 2020 1:00:35 AM com.google.tsunami.common.net.http.HttpClient parseResponse
INFO: Received HTTP response with code '200' for request to 'http://xxx.xxx.xxx.xxx/wp-login.php'.
Jul 10, 2020 1:00:35 AM com.google.tsunami.plugin.PluginExecutorImpl buildFailedResult
WARNING: Plugin '/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/NcrackWeakCredentialDetectorPlugin/0.1' failed.
Jul 10, 2020 1:00:35 AM com.google.tsunami.plugins.detectors.exposedui.hadoop.yarn.YarnExposedManagerApiDetector detect
INFO: YarnExposedManagerApiDetector finished, detected '0' vulns.
Jul 10, 2020 1:00:35 AM com.google.tsunami.common.net.http.HttpClient parseResponse
INFO: Received HTTP response with code '200' for request to 'http://xxx.xxx.xxx.xxx/wp-admin/install.php?step=1'.
Jul 10, 2020 1:00:35 AM com.google.tsunami.plugin.PluginExecutorImpl buildFailedResult
WARNING: Plugin '/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/WordPressInstallPageDetector/0.1' failed.
Jul 10, 2020 1:00:35 AM com.google.tsunami.workflow.DefaultScanningWorkflow generateScanResults
INFO: Tsunami scanning workflow done. Generating scan results.
Jul 10, 2020 1:00:35 AM com.google.tsunami.workflow.DefaultScanningWorkflow lambda$runAsync$0
INFO: Tsunami scanning workflow traces:
Port scanning phase (28.90 s) with 1 plugin(s):
/Tsunami Team (tsunami-dev@google.com)/PORT_SCAN/NmapPortScanner/0.1
Service fingerprinting phase (759.9 ms) with 0 plugin(s):
Vuln detection phase (694.7 ms) with 5 plugin(s):
/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/NcrackWeakCredentialDetectorPlugin/0.1 was selected for the following services: http (TCP, port 80), ssh (TCP, port 8080)
/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/YarnExposedManagerApiDetector/0.1 was selected for the following services: http (TCP, port 80), ssh (TCP, port 8080)
/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/JenkinsExposedUiDetector/0.1 was selected for the following services: http (TCP, port 80), ssh (TCP, port 8080)
/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/JupyterExposedUiDetector/0.1 was selected for the following services: http (TCP, port 80), ssh (TCP, port 8080)
/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/WordPressInstallPageDetector/0.1 was selected for the following services: http (TCP, port 80), ssh (TCP, port 8080)
# of detected vulnerability: 0.
Jul 10, 2020 1:00:35 AM com.google.tsunami.main.cli.TsunamiCli run
INFO: Tsunami scan finished, saving results.
Jul 10, 2020 1:00:35 AM com.google.tsunami.common.io.archiving.RawFileArchiver archive
INFO: Archiving data to file system with filename '/tmp/tsunami-output.json'.
Jul 10, 2020 1:00:35 AM com.google.tsunami.main.cli.TsunamiCli run
INFO: TsunamiCli finished...
Jul 10, 2020 1:00:35 AM com.google.tsunami.main.cli.TsunamiCli main
INFO: Full Tsunami scan took 38.52 s.
kali@kali:~/tsunami/plugins$ ls -l
total 340
-rw-r--r-- 1 kali kali 7145 Jul 9 15:13 exposed_hadoop_yarn_api-0.0.1-SNAPSHOT.jar
-rw-r--r-- 1 kali kali 6179 Jul 9 15:13 exposed_jenkins_ui-0.0.1-SNAPSHOT.jar
-rw-r--r-- 1 kali kali 5888 Jul 9 15:13 exposed_jupyter_notebook-0.0.1-SNAPSHOT.jar
-rw-r--r-- 1 kali kali 41535 Jul 9 15:13 ncrack_weak_credential_detector-0.0.1-SNAPSHOT.jar
-rw-r--r-- 1 kali kali 267309 Jul 9 15:13 nmap_port_scanner-0.0.1-SNAPSHOT.jar
-rw-r--r-- 1 kali kali 6248 Jul 9 15:13 wordpress_exposed_installation_page-0.0.1-SNAPSHOT.jar
kali@kali:~/tsunami$ nmap -v
Starting Nmap 7.80 ( https://nmap.org ) at 2020-07-10 01:02 EDT
Read data files from: /usr/bin/../share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.07 seconds
kali@kali:~/tsunami$ ncrack -v
Starting Ncrack 0.7 ( http://ncrack.org ) at 2020-07-10 01:03 EDT
No services specified!
QUITTING!
I focused on these two lines:
WARNING: Plugin '/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/NcrackWeakCredentialDetectorPlugin/0.1' failed.
WARNING: Plugin '/Tsunami Team (tsunami-dev@google.com)/VULN_DETECTION/WordPressInstallPageDetector/0.1' failed.
The same plugins worked earlier with the docker example.
I also set up a Kali 2020.2 virtual machine with the Tsunami security scanner, just to check what happens with the docker image on one virtual machine and Tsunami running on another virtual machine. Again, it worked as expected.
I can't figure out what is wrong. Thanks in advance!