maride/hacktricks
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
hacktricks/src/network-services-pentesting/8086-pentesting-influxdb.md

106 lines
3.8 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# 8086 - Pentesting InfluxDB
{{#include ../banners/hacktricks-training.md}}
## Basic Information
**InfluxDB** ni hifadhidata ya **mfululizo wa wakati (TSDB)** iliyoandaliwa na InfluxData. TSDBs zimeboreshwa kwa ajili ya kuhifadhi na kutoa data za mfululizo wa wakati, ambazo zinajumuisha jozi za alama za wakati na thamani. Ikilinganishwa na hifadhidata za matumizi ya jumla, TSDBs zinatoa maboresho makubwa katika **nafasi ya kuhifadhi** na **utendaji** kwa seti za data za mfululizo wa wakati. Zinatumia algorithimu maalum za kufinya na zinaweza kuwekwa ili kuondoa data za zamani kiotomatiki. Indices maalum za hifadhidata pia zinaongeza utendaji wa maswali.
**Port ya kawaida**: 8086
```
PORT STATE SERVICE VERSION
8086/tcp open http InfluxDB http admin 1.7.5
```
## Enumeration
Kutoka kwa mtazamo wa pentester hii ni database nyingine ambayo inaweza kuwa inahifadhi taarifa nyeti, hivyo ni ya kuvutia kujua jinsi ya kutupa taarifa zote.
### Authentication
InfluxDB inaweza kuhitaji uthibitisho au la
```bash
# Try unauthenticated
influx -host 'host name' -port 'port #'
> use _internal
```
Ikiwa unapata kosa kama hili: `ERR: unable to parse authentication credentials` inamaanisha kwamba inatarajia baadhi ya akreditivu.
```
influx username influx password influx_pass
```
Kulikuwa na udhaifu katika influxdb ambao uliruhusu kupita uthibitisho: [**CVE-2019-20933**](https://github.com/LorenzoTullini/InfluxDB-Exploit-CVE-2019-20933)
### Uhesabu wa Mikono
Taarifa za mfano huu zilichukuliwa kutoka [**hapa**](https://oznetnerd.com/2017/06/11/getting-know-influxdb/).
#### Onyesha hifadhidata
Hifadhidata zilizopatikana ni `telegraf` na `internal` (utazipata hii kila mahali)
```bash
> show databases
name: databases
name
----
telegraf
_internal
```
#### Onyesha meza/mipimo
The [**InfluxDB documentation**](https://docs.influxdata.com/influxdb/v1.2/introduction/getting_started/) inaeleza kwamba **mipimo** katika InfluxDB yanaweza kulinganishwa na meza za SQL. Neno la **mipimo** linaashiria maudhui yao husika, kila moja ikiwa na data inayohusiana na entiti maalum.
```bash
> show measurements
name: measurements
name
----
cpu
disk
diskio
kernel
mem
processes
swap
system
```
#### Onyesha funguo za uwanja
Funguo za uwanja ni kama **safuwima** za hifadhidata
```bash
> show field keys
name: cpu
fieldKey fieldType
-------- ---------
usage_guest float
usage_guest_nice float
usage_idle float
usage_iowait float
name: disk
fieldKey fieldType
-------- ---------
free integer
inodes_free integer
inodes_total integer
inodes_used integer
[ ... more keys ...]
```
#### Dump Table
Na hatimaye unaweza **dump the table** ukifanya kitu kama
```bash
select * from cpu
name: cpu
time cpu host usage_guest usage_guest_nice usage_idle usage_iowait usage_irq usage_nice usage_softirq usage_steal usage_system usage_user
---- --- ---- ----------- ---------------- ---------- ------------ --------- ---------- ------------- ----------- ------------ ----------
1497018760000000000 cpu-total ubuntu 0 0 99.297893681046 0 0 0 0 0 0.35105315947842414 0.35105315947842414
1497018760000000000 cpu1 ubuntu 0 0 99.69909729188728 0 0 0 0 0 0.20060180541622202 0.10030090270811101
```
> [!WARNING]
> Katika baadhi ya majaribio na uhamasishaji wa uthibitisho, ilibainika kwamba jina la jedwali linahitaji kuwa kati ya nukuu mbili kama: `select * from "cpu"`
### Uthibitishaji wa Kiotomatiki
```bash
msf6 > use auxiliary/scanner/http/influxdb_enum
```
{{#include ../banners/hacktricks-training.md}}
Reference in New Issue View Git Blame Copy Permalink