feat: add Weak Credential tester for Apache Hive #490

Merged
merged 13 commits into from
Oct 24, 2024

Conversation

W0ngL1
Contributor

@W0ngL1 W0ngL1 commented May 26, 2024

Collaborator

@leonardo-doyensec leonardo-doyensec left a comment

Hi @W0ngL1.
Thank you for your contribution. You can find all the issues to address down below. I'm also noticing that the plugin is a bit slow to run, I think that this is due to jdbc, but I'm not 100% sure of that. Can you please check it?

Feel free to reach out
~ Leonardo(Doyensec)

@leonardo-doyensec leonardo-doyensec self-assigned this Jul 9, 2024
Collaborator

@leonardo-doyensec leonardo-doyensec left a comment

Thank you for your quick changes @W0ngL1. You can find some issues to address down below.
Moreover I'm noticing, while running the plugin, a series of errors related to logging. The output is the following. Can you please investigate it?

ERROR StatusLogger Unrecognized format specifier [d]
ERROR StatusLogger Unrecognized conversion specifier [d] starting at position 16 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [thread]
ERROR StatusLogger Unrecognized conversion specifier [thread] starting at position 25 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [level]
ERROR StatusLogger Unrecognized conversion specifier [level] starting at position 35 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [logger]
ERROR StatusLogger Unrecognized conversion specifier [logger] starting at position 47 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [msg]
ERROR StatusLogger Unrecognized conversion specifier [msg] starting at position 54 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [n]
ERROR StatusLogger Unrecognized conversion specifier [n] starting at position 56 in conversion pattern.
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console.
ERROR StatusLogger Unrecognized format specifier [d]
ERROR StatusLogger Unrecognized conversion specifier [d] starting at position 16 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [thread]
ERROR StatusLogger Unrecognized conversion specifier [thread] starting at position 25 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [level]
ERROR StatusLogger Unrecognized conversion specifier [level] starting at position 35 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [logger]
ERROR StatusLogger Unrecognized conversion specifier [logger] starting at position 47 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [msg]
ERROR StatusLogger Unrecognized conversion specifier [msg] starting at position 54 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [n]
ERROR StatusLogger Unrecognized conversion specifier [n] starting at position 56 in conversion pattern.

@W0ngL1
Contributor Author

W0ngL1 commented Jul 12, 2024

Hi @leonardo-doyensec, It's ok when I run it, can you try again? It seems to be caused by logger, I removed it.

Collaborator

@leonardo-doyensec leonardo-doyensec left a comment

Thank you @W0ngL1. You can find some issues to address down below.

@W0ngL1
Contributor Author

W0ngL1 commented Jul 13, 2024

Hi @leonardo-doyensec, please review again if you're free :)

@tooryx tooryx linked an issue Jul 26, 2024 that may be closed by this pull request
@leonardo-doyensec
Collaborator

Thank you for your changes @W0ngL1.
I'm noticing that, on my side, the plugin is not working anymore. Can you please confirm that, on your side, everything is working fine?

Feel free to reach out
~ Leonardo (Doyensec)

@W0ngL1
Contributor Author

W0ngL1 commented Jul 31, 2024

Sorry for that @leonardo-doyensec. I've fixed it and tested it.

$ java -cp "./tsunami-security-scanner/main/build/libs/tsunami-main-0.0.23-SNAPSHOT-cli.jar:./tsunami-security-scanner-plugins/google/detectors/credentials/generic_weak_credential_detector/build/libs/*" com.google.tsunami.main.cli.TsunamiCli --ip-v4-target=127.0.0.1 --port-ranges-target=10002
...
com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.hive.HiveCredentialTester isHiveAccessible
INFO: url: jdbc:hive2://127.0.0.1:10000/default, username: test, password: test
com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.hive.HiveCredentialTester isHiveAccessible
INFO: Connected to the Hive server successfully.
...
Port scanning phase (15.44 s) with 1 plugin(s):
    /Tsunami Team ([email protected])/PORT_SCAN/NmapPortScanner/0.1
  Service fingerprinting phase (201.3 ms) with 0 plugin(s):

  Vuln detection phase (19.06 s) with 1 plugin(s):
    /Tsunami Team ([email protected])/VULN_DETECTION/GenericCredentialDetectorPlugin/0.1 was selected for the following services: documentum (TCP, port 10002)
  # of detected vulnerability: 1.
...
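The scan summary in the comment above has a fixed shape (a line per phase with its duration and declared plugin count, one line per selected plugin, and a final vulnerability count). The following is an added example, not code from the PR or from the Tsunami project, of a small parser for that summary plus a sanity check that the declared plugin count of each phase matches the plugins actually listed under it. The sample text is constructed from the output shown above; the function and class names are this example's own.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample: the phase summary shape printed by the Tsunami CLI in the
# PR comment above (plugin paths and service line follow that output).
SAMPLE_OUTPUT = """\
Port scanning phase (15.44 s) with 1 plugin(s):
    /Tsunami Team ([email protected])/PORT_SCAN/NmapPortScanner/0.1
  Service fingerprinting phase (201.3 ms) with 0 plugin(s):

  Vuln detection phase (19.06 s) with 1 plugin(s):
    /Tsunami Team ([email protected])/VULN_DETECTION/GenericCredentialDetectorPlugin/0.1 was selected for the following services: documentum (TCP, port 10002)
  # of detected vulnerability: 1.
"""

# "<name> phase (<value> <s|ms>) with <n> plugin(s):"
PHASE_RE = re.compile(
    r"^(?P<name>.+?) phase \((?P<value>\d+(?:\.\d+)?) (?P<unit>ms|s)\) "
    r"with (?P<count>\d+) plugin\(s\):$"
)
VULN_RE = re.compile(r"^# of detected vulnerability: (?P<count>\d+)\.$")
# "<service> (<TCP|UDP>, port <n>)" as printed after the selected-plugin marker
SERVICE_RE = re.compile(r"(?P<service>\S+) \((?P<proto>TCP|UDP), port (?P<port>\d+)\)")
SELECTED_MARKER = " was selected for the following services: "


@dataclass
class Service:
    name: str
    proto: str
    port: int


@dataclass
class Phase:
    name: str
    seconds: float            # duration normalised to seconds
    declared_plugins: int     # the "with N plugin(s)" count on the phase line
    plugins: list = field(default_factory=list)   # plugin path strings listed under the phase
    selected: dict = field(default_factory=dict)  # plugin path -> [Service] it was selected for


@dataclass
class ScanSummary:
    phases: list
    detected_vulnerabilities: Optional[int] = None


def parse_scan_summary(text: str) -> ScanSummary:
    """Parse the phase summary block into phases, plugins, selected services and the final count."""
    summary = ScanSummary(phases=[])
    current: Optional[Phase] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = PHASE_RE.match(line)
        if m:
            value = float(m.group("value"))
            seconds = value / 1000.0 if m.group("unit") == "ms" else value
            current = Phase(m.group("name"), seconds, int(m.group("count")))
            summary.phases.append(current)
            continue
        m = VULN_RE.match(line)
        if m:
            summary.detected_vulnerabilities = int(m.group("count"))
            continue
        # Plugin lines are absolute "/Author/TYPE/Name/version" paths; only valid inside a phase.
        if line.startswith("/") and current is not None:
            plugin, _, rest = line.partition(SELECTED_MARKER)
            current.plugins.append(plugin)
            if rest:
                current.selected[plugin] = [
                    Service(s.group("service"), s.group("proto"), int(s.group("port")))
                    for s in SERVICE_RE.finditer(rest)
                ]
    return summary


def plugin_count_mismatches(summary: ScanSummary) -> list:
    """Names of phases whose declared plugin count disagrees with the plugins listed under them."""
    return [p.name for p in summary.phases if p.declared_plugins != len(p.plugins)]


def total_seconds(summary: ScanSummary) -> float:
    """Wall time across all phases, in seconds."""
    return round(sum(p.seconds for p in summary.phases), 4)


if __name__ == "__main__":
    s = parse_scan_summary(SAMPLE_OUTPUT)
    for p in s.phases:
        print(f"{p.name}: {p.seconds:.4f} s, {len(p.plugins)}/{p.declared_plugins} plugin(s)")
    print("total:", total_seconds(s), "s; detected:", s.detected_vulnerabilities,
          "; mismatches:", plugin_count_mismatches(s))
```

Durations are normalised to seconds so phases printed in milliseconds (the fingerprinting phase above) compare directly with the others, and `plugin_count_mismatches` flags a summary whose plugin lines were truncated or where a phase header was printed without its plugins.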

@tooryx tooryx added the Contributor main The main issue a contributor is working on (top of the contribution queue). label Aug 6, 2024
@leonardo-doyensec
Collaborator

Hi @W0ngL1.
I confirm that now the plugin is working correctly. However I notice one more verbose error message during the tsunami scan.

Seems like this error appears when using an empty password during the bruteforce.
Can you please take a look at it?

ERROR StatusLogger Unrecognized format specifier [d]
ERROR StatusLogger Unrecognized conversion specifier [d] starting at position 16 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [thread]
ERROR StatusLogger Unrecognized conversion specifier [thread] starting at position 25 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [level]
ERROR StatusLogger Unrecognized conversion specifier [level] starting at position 35 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [logger]
ERROR StatusLogger Unrecognized conversion specifier [logger] starting at position 47 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [msg]
ERROR StatusLogger Unrecognized conversion specifier [msg] starting at position 54 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [n]
ERROR StatusLogger Unrecognized conversion specifier [n] starting at position 56 in conversion pattern.
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console.
ERROR StatusLogger Unrecognized format specifier [d]
ERROR StatusLogger Unrecognized conversion specifier [d] starting at position 16 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [thread]
ERROR StatusLogger Unrecognized conversion specifier [thread] starting at position 25 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [level]
ERROR StatusLogger Unrecognized conversion specifier [level] starting at position 35 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [logger]
ERROR StatusLogger Unrecognized conversion specifier [logger] starting at position 47 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [msg]
ERROR StatusLogger Unrecognized conversion specifier [msg] starting at position 54 in conversion pattern.
ERROR StatusLogger Unrecognized format specifier [n]
ERROR StatusLogger Unrecognized conversion specifier [n] starting at position 56 in conversion pattern.

@W0ngL1
Contributor Author

W0ngL1 commented Aug 29, 2024

Hi @leonardo-doyensec, I reproduced the problem. When I delete an empty username and password, the problem still persists.

It seems to be related to log4j configuration, and I cannot find the corresponding configuration files in the scanner and plugins projects, so I cannot hide these lines of error unfortunately.

However, it does not affect the actual effect, would you consider ignoring this small issue?

@leonardo-doyensec
Collaborator

leonardo-doyensec commented Sep 30, 2024

LGTM - Approved
@maoning we can merge this. Moreover we can also merge the google/security-testbeds#58

Reviewer: Leonardo, Doyensec
Plugin: Weak Credentials Apache Hive
Feedback: The overall quality is decent. The security testbed was fairly easy to deploy. The plugin was lacking a fingerprinting phase and some minor aspect of formatting went overlooked. The contributor was really fast to address all the issues.
Drawback: None.

@tooryx tooryx added the lgtm label Sep 30, 2024
…ce) instead of the whole buildTargetUrl function
@W0ngL1
Contributor Author

W0ngL1 commented Oct 23, 2024

Hi @tooryx, I've updated.

@copybara-service copybara-service bot merged commit c663072 into google:master Oct 24, 2024
4 of 5 checks passed
Labels
Contributor main The main issue a contributor is working on (top of the contribution queue). lgtm
Successfully merging this pull request may close these issues.

AI PRP: Request Weak Credential tester for Apache Hive