trailofbits/twa

Add more ports to stage 7

woodruffw opened this issue · 7 comments

There are lots of other common development ports that we should check for, including (but not limited to):

  • 5000 (Flask and Kestrel's default port)
  • 9200 (Elasticsearch's REST API)

I suggest adding the standard TCP ports of commonly used databases:

  • 1433 # Microsoft SQL Server
  • 3306 # MySQL and MariaDB
  • 3050 # Interbase, Firebird
  • 5432 # PostgreSQL
  • 6379 # Redis
  • 8086 # InfluxDB HTTP service
  • 8093 # Couchbase Query service REST traffic
  • 27017 # MongoDB
  • 33060 # MySQL X-Protocol

References:

For a complete port scan, specialized tools like nmap should be used. I think the aim for the twa script should be to work out a tiny list of ports that are typically falsely open on web servers.

That sounds good to me. I've been on the fence about which ports to add, since twa itself (mostly) sticks to HTTP(S)-only issues. But exposed SQL and KV services are a common enough issue that adding them seems reasonable to me.

@woodruffw
May I pick up this task?

@GatewayBit go for it!

The issue has been open for more than one month. I am adding the ports to the source now.
@GatewayBit If this disturbs your work, please suggest rejecting the pull request.

@UlrichBerntien Go ahead with this task. Thank you!

I think #85 covers the majority of the ports I had in mind, so I'm going to close this. We can address additional ports/changes in subsequent issues and PRs.