Land #17646, Link Hadoop YARN exploit to documentation

This commit is contained in:
Grant Willcox 2023-02-15 15:09:05 -06:00
commit a8d2073eee
No known key found for this signature in database
GPG Key ID: D35E05C0F2B81E83
1 changed files with 7 additions and 4 deletions


@ -14,8 +14,8 @@ class MetasploitModule < Msf::Exploit::Remote
super(update_info(info,
'Name' => 'Hadoop YARN ResourceManager Unauthenticated Command Execution',
'Description' => %q{
This module uses built-in functionality to execute arbitrary commands on an unsecured Hadoop server which is not configured for strong
authentication, via Hadoop's standard ResourceManager REST API.
This module uses Hadoop's standard ResourceManager REST API to execute arbitrary commands on an unsecured Hadoop server.
Hadoop administrators should enable Kerberos authentication for these endpoints by changing the 'hadoop.security.authentication' setting in 'core-site.xml' from 'simple' (the default) to 'kerberos' before exposing the node to the network.
},
'License' => MSF_LICENSE,
'Author' =>
@ -26,8 +26,11 @@ class MetasploitModule < Msf::Exploit::Remote
'References' =>
[
['URL', 'http://archive.hack.lu/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf'],
['URL', 'https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn']
# Note, there will never be a CVE for this issue, unless something radical changes in the CVE inclusion rules.
['URL', 'https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn'],
# Note, there will never be a CVE for this issue, since this is a misconfiguration by the administrator rather than a vulnerability in the software.
# Hadoop installations should always configure Kerberos authentication before being exposed to the network,
# since the default configuration does not require authentication.
['URL', 'https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/SecureMode.html']
],
'Platform' => 'linux',
'Arch' => [ARCH_X86, ARCH_X64],
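Review bot: The remediation sentence added to the Description (the line beginning `Hadoop administrators should enable Kerberos authentication`) names only `hadoop.security.authentication`, which, as far as I can tell from the linked SecureMode page, governs Hadoop RPC authentication; the ResourceManager REST API this module drives is served by the RM's HTTP server, whose authentication is configured separately via `hadoop.http.authentication.type` (default `simple`, which by default also permits anonymous requests). An operator who follows the description literally may therefore still leave the REST endpoint reachable without credentials, so the guidance should name both settings, e.g. `...from 'simple' (the default) to 'kerberos', and set 'hadoop.http.authentication.type' to 'kerberos' so the ResourceManager web/REST endpoints require authentication as well; see the SecureMode reference below.` The same qualification would fit the new multi-line comment preceding the SecureMode URL in References, which currently says only that Kerberos must be configured. Please verify the exact property names against the SecureMode document before landing the wording, since I am inferring them from the reference rather than from anything visible in this hunk.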