Apache Hbase Unauth

By kannthu

Medium
Vidoc Module
#apache #unauth #misconfig
Description

What is "Apache Hbase Unauth"?

The "Apache Hbase Unauth" module is designed to detect misconfigurations in Apache HBase, an open-source, distributed, non-relational database management system. This module focuses on identifying unauthenticated access vulnerabilities in Apache HBase instances. The severity of this vulnerability is classified as medium.

Author: pikpikcu

Impact

If the module detects a misconfiguration, it indicates that the Apache HBase instance is vulnerable to unauthorized access. This could potentially lead to unauthorized data exposure, data manipulation, or other security breaches.

How does the module work?

The "Apache Hbase Unauth" module works by sending an HTTP GET request to the "/conf" path of the target Apache HBase instance. It then applies matching conditions to determine if the misconfiguration is present.

Matching conditions:

- The response body must contain the following words: "<name>hbase.defaults.for.version</name>" and "<source>hbase-default.xml</source>".
- The response status code must be 200.

If both conditions are met, the module reports a vulnerability, indicating that the Apache HBase instance is misconfigured and potentially vulnerable to unauthorized access.
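
The matching logic above, as an added Python example that is not part of the Vidoc module: `module_matches` applies the two conditions to a response already fetched from an instance you operate, and `exposed_properties` (a hypothetical helper) lists which property names the `/conf` output reveals, grouped by source file. The sample responses and the values in them are constructed.

```python
import xml.etree.ElementTree as ET

# Word matchers and status code taken from the module description above.
REQUIRED_WORDS = (
    "<name>hbase.defaults.for.version</name>",
    "<source>hbase-default.xml</source>",
)
REQUIRED_STATUS = 200


def module_matches(status, body):
    """Apply the module's conditions: status 200 AND every word present."""
    return status == REQUIRED_STATUS and all(w in body for w in REQUIRED_WORDS)


def exposed_properties(body):
    """Group property names from a /conf response by their <source> file."""
    by_source = {}
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return by_source  # body is not well-formed XML, nothing to list
    for prop in root.iter("property"):
        name = prop.findtext("name", default="").strip()
        source = prop.findtext("source", default="unknown").strip()
        if name:
            by_source.setdefault(source, []).append(name)
    return by_source


# Constructed sample responses (not captured from a real host).
SAMPLE_OPEN = """<configuration>
<property><name>hbase.defaults.for.version</name><value>0.0.0-example</value><source>hbase-default.xml</source></property>
<property><name>hbase.zookeeper.quorum</name><value>zk1.example.internal</value><source>hbase-site.xml</source></property>
</configuration>"""
SAMPLE_PROTECTED = "<html><body>Authentication required</body></html>"

if __name__ == "__main__":
    for label, status, body in (("open", 200, SAMPLE_OPEN),
                                ("protected", 401, SAMPLE_PROTECTED)):
        print(label, module_matches(status, body), exposed_properties(body))
```

Properties whose source is a site file rather than `hbase-default.xml` are the ones worth reviewing first, since they reflect deployment-specific settings.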

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /conf
Matching conditions
word: <name>hbase.defaults.for.version</name>,...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability