Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-26 22:52:06 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/network-services-pentesting/8086-pentesting-influxdb.md

146 lines
6.9 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# 8086 - Kupima Usalama wa InfluxDB
<figure><img src="../.gitbook/assets/image (3) (1) (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
\
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia workflows** kwa urahisi zinazotumia zana za jamii **za juu zaidi** duniani.\
Pata Ufikiaji Leo:
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
<details>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
## Taarifa Msingi
**InfluxDB** ni **database ya mfululizo wa muda (TSDB)** ya chanzo wazi iliyoendelezwa na InfluxData. TSDBs zimeboreshwa kwa kuhifadhi na kutumikia data za mfululizo wa muda, ambazo zinajumuisha jozi za alama za wakati-thamani. Ikilinganishwa na mabase ya data ya matumizi ya jumla, TSDBs hutoa maboresho makubwa katika **nafasi ya kuhifadhi** na **utendaji** kwa seti za data za mfululizo wa muda. Hutumia algorithms maalum ya kubana na inaweza kusanidiwa kuondoa data za zamani kiotomatiki. Indeksi maalum ya database pia hufanya utendaji wa uchunguzi kuwa bora.
**Bandari ya default**: 8086
```
PORT STATE SERVICE VERSION
8086/tcp open http InfluxDB http admin 1.7.5
```
## Uchambuzi
Kutoka mtazamo wa pentester hii ni database nyingine inayoweza kuhifadhi habari nyeti, hivyo ni muhimu kujua jinsi ya kudump habari zote.
### Uthibitisho
InfluxDB inaweza kuhitaji uthibitisho au la
```bash
# Try unauthenticated
influx -host 'host name' -port 'port #'
> use _internal
```
Ikiwa **unapata kosa kama** hili: `ERR: unable to parse authentication credentials` inamaanisha kuwa ina **tarajia baadhi ya sifa za uthibitishaji**.
```
influx username influx password influx_pass
```
Kulikuwa na udhaifu katika influxdb ulioruhusu kukiuka uthibitishaji: [**CVE-2019-20933**](https://github.com/LorenzoTullini/InfluxDB-Exploit-CVE-2019-20933)
### Uchambuzi wa Kuelekezwa
Taarifa ya mfano huu ilitolewa kutoka [**hapa**](https://oznetnerd.com/2017/06/11/getting-know-influxdb/).
#### Onyesha maktaba za data
Maktaba za data zilizopatikana ni `telegraf` na `internal` (utapata hii kila mahali)
```bash
> show databases
name: databases
name
----
telegraf
_internal
```
#### Onyesha meza/vipimo
[**Hati ya InfluxDB**](https://docs.influxdata.com/influxdb/v1.2/introduction/getting\_started/) inaeleza kwamba **vipimo** katika InfluxDB vinaweza kulinganishwa na meza za SQL. Jina la hizi **vipimo** linaonyesha yaliyomo kwake, kila moja ikiwa na data inayohusiana na kipengele fulani.
```bash
> show measurements
name: measurements
name
----
cpu
disk
diskio
kernel
mem
processes
swap
system
```
#### Onyesha safuwima/majina ya uga
Majina ya uga ni kama **safuwima** za hifadhidata
```bash
> show field keys
name: cpu
fieldKey fieldType
-------- ---------
usage_guest float
usage_guest_nice float
usage_idle float
usage_iowait float
name: disk
fieldKey fieldType
-------- ---------
free integer
inodes_free integer
inodes_total integer
inodes_used integer
[ ... more keys ...]
```
#### Mimina Meza
Na mwishowe unaweza **kumimina meza** kwa kufanya kitu kama hiki
```bash
select * from cpu
name: cpu
time cpu host usage_guest usage_guest_nice usage_idle usage_iowait usage_irq usage_nice usage_softirq usage_steal usage_system usage_user
---- --- ---- ----------- ---------------- ---------- ------------ --------- ---------- ------------- ----------- ------------ ----------
1497018760000000000 cpu-total ubuntu 0 0 99.297893681046 0 0 0 0 0 0.35105315947842414 0.35105315947842414
1497018760000000000 cpu1 ubuntu 0 0 99.69909729188728 0 0 0 0 0 0.20060180541622202 0.10030090270811101
```
{% hint style="warning" %}
Katika baadhi ya majaribio ya kubaini uthibitishaji, ilibainika kuwa jina la meza linahitaji kuwa kati ya alama za nukta mbili kama: `select * from "cpu"`
{% endhint %}
### Uthibitishaji wa Kiotomatiki
```bash
msf6 > use auxiliary/scanner/http/influxdb_enum
```
<details>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa kipekee wa [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
<figure><img src="../.gitbook/assets/image (3) (1) (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
\
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kudhibiti mchakato** kwa urahisi kutumia zana za **jamii za hali ya juu zaidi** duniani.\
Pata Ufikiaji Leo:
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
Reference in a new issue View git blame Copy permalink