new detector for vulnerable Jetty Servers #16

Open
kjlubick opened this issue May 15, 2014 · 0 comments
@kjlubick
Owner

From mebigfatguy#15

I recently ran into an exploit that depended on the following snippet:
https://gist.github.com/kjlubick/560dda55c47dd3a53643

The problem was that I meant to make a local server that was only accessible to the local machine, but instead, because I didn't specify otherwise, the port was open to everyone on the local network.

I'm proposing a relatively simple detector that looks for a Jetty server (and possibly other flavors) that is created by only specifying the port number, thereby making it vulnerable to snooping via the network.

One topic for discussion is avoiding false positives when the intent is to make a local network server. This could possibly be done by having a whitelist of ports (e.g. port 80) that are not flagged as a bug.

We'll start with the whitelist of 80 and 8080, which are known to be commonly used for external web servers.

kjlubick pushed a commit that referenced this issue Jun 26, 2014
A variety of dogfooding fixes, and refactoring cleanups.
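
The binding difference described in the issue, as an added example that is not part of the original issue or the project's detector code: a runtime audit (not the proposed static detector) written against the Jetty 9 `Server`/`ServerConnector` API. The class name `JettyBindAudit`, the helper `exposedConnectors`, and port 8123 are assumptions made for illustration; the servers are only constructed, never started.

```java
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;

public class JettyBindAudit {
    // Ports the issue proposes not to flag (commonly used for external web servers).
    static final Set<Integer> WHITELIST = new HashSet<>(Arrays.asList(80, 8080));

    /** Lists connectors that would listen beyond loopback on a non-whitelisted port. */
    static List<String> exposedConnectors(Server server) throws UnknownHostException {
        List<String> findings = new ArrayList<>();
        for (Connector c : server.getConnectors()) {
            if (!(c instanceof ServerConnector)) {
                continue;
            }
            ServerConnector sc = (ServerConnector) c;
            String host = sc.getHost(); // null: no host configured, so all interfaces are bound
            boolean loopback = host != null && InetAddress.getByName(host).isLoopbackAddress();
            if (!loopback && !WHITELIST.contains(sc.getPort())) {
                findings.add((host == null ? "*" : host) + ":" + sc.getPort());
            }
        }
        return findings;
    }

    public static void main(String[] args) throws Exception {
        // Pattern from the issue: only the port is given (8123 is a constructed value).
        Server portOnly = new Server(8123);
        // Same port, explicitly restricted to the local machine.
        Server loopbackOnly =
                new Server(new InetSocketAddress(InetAddress.getLoopbackAddress(), 8123));
        // Port-only construction on a whitelisted port is not reported.
        Server whitelisted = new Server(8080);

        System.out.println("port only:     " + exposedConnectors(portOnly));
        System.out.println("loopback only: " + exposedConnectors(loopbackOnly));
        System.out.println("whitelisted:   " + exposedConnectors(whitelisted));
    }
}
```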