teatime.plugins.ipfs package
Submodules
teatime.plugins.ipfs.add module
This module contains plugins regarding file uploads to the node.
class teatime.plugins.ipfs.add.OpenUploadAdd(file_name: str = '.teatime', file_content: str = 'teatime test file')
Bases: teatime.plugins.base.IPFSRPCPlugin
Detect where it’s possible to upload a file using the /add endpoint.
Severity: High
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-add
An open upload endpoint enables an attacker to upload arbitrary amounts of random data until storage space is exhausted, thus performing a denial of service attack against future uploads.
INTRUSIVE = True

class teatime.plugins.ipfs.add.OpenUploadTarAdd(file_name: str = '.teatime', file_content: str = 'teatime test file')
Bases: teatime.plugins.base.IPFSRPCPlugin
Detect where it’s possible to upload a file using the /tar/add endpoint.
Severity: High
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-tar-add
An open upload endpoint enables an attacker to upload arbitrary amounts of random data until storage space is exhausted, thus performing a denial of service attack against future uploads.
INTRUSIVE = True

teatime.plugins.ipfs.commands module
This module contains plugins regarding commands surfaced by the node.
class teatime.plugins.ipfs.commands.CommandCheck(allowlist: Optional[Sequence[Sequence[str]]] = None, denylist: Optional[Sequence[Sequence[str]]] = None)
Bases: teatime.plugins.base.IPFSRPCPlugin
Detect whether disallowed commands are enabled.
Severity: High
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-commands
The IPFS API offers a lot of endpoints, some of which might be accidentally enabled. This plugin fetches the list of enabled API commands and logs an issue if user-specified commands are enabled (denylist) or not enabled (allowlist). Each command is given as a sequence of path components, e.g. ["pin", "rm"].
INTRUSIVE = False

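The check above is easiest to reason about once the command tree is flattened into paths. The following is an added example, not teatime's own CommandCheck implementation: it flattens a tree shaped like the JSON that POST /api/v0/commands returns (nested objects with "Name" and "Subcommands" keys) and diffs it against allow/deny lists. The SAMPLE_COMMANDS tree is constructed for the example and is much smaller than a real node's; fetch_commands() shows how to obtain the real tree from a live node.

```python
import json
import urllib.request
from typing import List, Optional, Sequence, Set, Tuple

Command = Tuple[str, ...]

# Constructed sample, shaped like the JSON a node returns for
# POST /api/v0/commands: a tree of {"Name": ..., "Subcommands": [...]} objects.
# Real responses also carry per-command "Options"; they are irrelevant here.
SAMPLE_COMMANDS: dict = {
    "Name": "ipfs",
    "Subcommands": [
        {"Name": "add", "Subcommands": []},
        {"Name": "cat", "Subcommands": []},
        {"Name": "pin", "Subcommands": [
            {"Name": "add", "Subcommands": []},
            {"Name": "ls", "Subcommands": []},
            {"Name": "rm", "Subcommands": []},
        ]},
        {"Name": "key", "Subcommands": [
            {"Name": "list", "Subcommands": []},
            {"Name": "export", "Subcommands": []},
        ]},
        {"Name": "shutdown", "Subcommands": []},
    ],
}


def fetch_commands(api_base: str) -> dict:
    """Fetch the command tree from a live node. The RPC API requires POST."""
    req = urllib.request.Request(api_base.rstrip("/") + "/api/v0/commands", method="POST")
    with urllib.request.urlopen(req, timeout=5) as resp:
        return json.load(resp)


def flatten_commands(node: dict, prefix: Command = ()) -> Set[Command]:
    """Return every command path below the root as a tuple, e.g. ('pin', 'rm')."""
    enabled: Set[Command] = set()
    for sub in node.get("Subcommands") or []:
        path = prefix + (sub["Name"],)
        enabled.add(path)
        enabled.update(flatten_commands(sub, path))
    return enabled


def check_commands(tree: dict,
                   allowlist: Optional[Sequence[Sequence[str]]] = None,
                   denylist: Optional[Sequence[Sequence[str]]] = None) -> List[str]:
    """Report denylisted commands that are enabled and allowlisted ones that are not.

    Interpretation used in this example: a denylist entry is a finding when the
    command is present; an allowlist entry is a finding when it is absent.
    """
    enabled = flatten_commands(tree)
    findings: List[str] = []
    for cmd in denylist or ():
        if tuple(cmd) in enabled:
            findings.append("denylisted command enabled: ipfs " + " ".join(cmd))
    for cmd in allowlist or ():
        if tuple(cmd) not in enabled:
            findings.append("allowlisted command not enabled: ipfs " + " ".join(cmd))
    return findings


if __name__ == "__main__":
    for line in check_commands(SAMPLE_COMMANDS,
                               denylist=[["shutdown"], ["key", "export"], ["dag", "put"]],
                               allowlist=[["cat"], ["swarm", "peers"]]):
        print(line)
```

Paths are compared as exact tuples, so a denylist entry of ["pin"] does not match ["pin", "rm"]; list the leaf commands you actually want to forbid.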
teatime.plugins.ipfs.files module
This module contains plugins regarding listing files provided by the node.
class teatime.plugins.ipfs.files.CIDFSEnum(cid_paths: Sequence[str] = None)
Bases: teatime.plugins.base.IPFSRPCPlugin
Check whether the given CIDs are present on the node.
Severity: Medium
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-ls
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-file-ls
One of the probed IPFS file paths is present on the node and leaks the directory contents of UNIX filesystem objects. Depending on where IPFS has been mounted, this can leak confidential information.
INTRUSIVE = False

class teatime.plugins.ipfs.files.FilestoreEnum
Bases: teatime.plugins.base.IPFSRPCPlugin
Check whether the objects in the filestore can be listed.
Severity: Medium
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-filestore-ls
The filestore endpoint is leaking the contents of its objects. An attacker can use this endpoint to enumerate potentially confidential data on the system.
INTRUSIVE = False

class teatime.plugins.ipfs.files.UnixFSEnum(path: str = None)
Bases: teatime.plugins.base.IPFSRPCPlugin
Check whether the objects in the local mutable namespace can be listed.
Severity: Medium
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-files-ls
The UNIX root directory path is leaking the contents of UNIX filesystem objects. An attacker can use this endpoint along with the /files/read endpoint to enumerate potentially confidential data on the system.
INTRUSIVE = False

teatime.plugins.ipfs.keys module
This module contains plugins regarding listing and extracting keys.
class teatime.plugins.ipfs.keys.KeyLeaks(export: bool = False)
Bases: teatime.plugins.base.IPFSRPCPlugin
List and attempt to export the node’s keys.
Severity: Critical
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-key-export
The key endpoints make it possible to list the node’s keys and, when export is requested, to export them together with their private key material. An attacker holding an exported key can act as the node under that key, for example by publishing IPNS records in its name. Exporting is only attempted when the plugin is constructed with export=True.
INTRUSIVE = False

teatime.plugins.ipfs.logs module
This module contains plugins regarding log information leaked by the node.
class teatime.plugins.ipfs.logs.ChangeLogLevel(subsystem: str = 'all', level: str = 'info')
Bases: teatime.plugins.base.IPFSRPCPlugin
Attempt to change the log level for the given subsystems.
Severity: Medium
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-log-level
Anyone can change the log level of messages generated by the node. Log messages, especially debug-level ones, can leak sensitive information about the node’s setup and the operations running on it. An attacker may unlock additional information by enabling debug logs. This can also result in degraded performance, especially when logs are stored in local files, or in log aggregation systems unable to handle the load.
INTRUSIVE = True

class teatime.plugins.ipfs.logs.EnumerateLogs
Bases: teatime.plugins.base.IPFSRPCPlugin
Attempt to list all logging subsystems.
Severity: Low
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-log-ls
It is possible to list the logging subsystems that the node is using. This may be used by an attacker to find non-standard customizations on the node, as well as to fingerprint the node setup for identification.
INTRUSIVE = False

class teatime.plugins.ipfs.logs.ReadLogs(line_limit: int = 1)
Bases: teatime.plugins.base.IPFSRPCPlugin
Gather a sample of log data from the node’s subsystems.
Severity: Medium
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-log-tail
Anyone can read log messages generated by the node. Log messages, especially debug-level ones, can leak sensitive information about the node’s setup and the operations running on it.
INTRUSIVE = False

teatime.plugins.ipfs.p2p module
This module contains plugins regarding leaked P2P network information.
class teatime.plugins.ipfs.p2p.P2PCloseStream
Bases: teatime.plugins.base.IPFSRPCPlugin
Attempt to close all active P2P streams.
Severity: High
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-p2p-stream-close
Anyone is able to close active P2P streams on this node. This exposed functionality may be used by an attacker to disrupt the node’s availability and block connections.
INTRUSIVE = True

class teatime.plugins.ipfs.p2p.P2PCreateListener
Bases: teatime.plugins.base.IPFSRPCPlugin
Attempt to register a new P2P listener (libp2p service) on the node.
Severity: High
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-p2p-listen
Anyone is able to register P2P listeners on this node. This exposed functionality may be used by an attacker to disrupt the node’s availability and block connections. Since a listener forwards incoming libp2p connections to a local target address, it can also expose services bound to the node’s loopback interface to remote peers.
INTRUSIVE = True

class teatime.plugins.ipfs.p2p.P2PEnableForwarding
Bases: teatime.plugins.base.IPFSRPCPlugin
Attempt to enable forwarding new connections to the libp2p service.
Severity: High
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-p2p-forward
Anyone is able to register P2P forwardings on this node. This exposed functionality may be used by an attacker to disrupt the node’s availability and block connections.
INTRUSIVE = True

class teatime.plugins.ipfs.p2p.P2PListListeners
Bases: teatime.plugins.base.IPFSRPCPlugin
Attempt to list all active P2P listeners.
Severity: Low
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-p2p-ls
Anyone is able to list the P2P listener services running on this node. This method may leak internal information on other peer-to-peer services running on this node.
INTRUSIVE = False

class teatime.plugins.ipfs.p2p.P2PListStreams
Bases: teatime.plugins.base.IPFSRPCPlugin
Attempt to list all active P2P streams.
Severity: Low
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-p2p-stream-ls
Anyone is able to list the active P2P streams on this node. This method may leak internal information on other peer-to-peer services and connections on this node.
INTRUSIVE = False

class teatime.plugins.ipfs.p2p.P2PStopForwarding
Bases: teatime.plugins.base.IPFSRPCPlugin
Attempt to stop the node from listening to new connection forwards.
Severity: High
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-p2p-close
Anyone is able to close active P2P forwardings on this node. This exposed functionality may be used by an attacker to disrupt the node’s availability and block connections.
INTRUSIVE = True

teatime.plugins.ipfs.pins module
This module contains plugins regarding listing and manipulating a node’s pins.
class teatime.plugins.ipfs.pins.AddPin(cid: str = 'Qmf9vKuR6MnTEGYXhzwpMib5EFGoXPWCJh3mXTvasb3Cas')
Bases: teatime.plugins.base.IPFSRPCPlugin
Detect where it’s possible to add a new pin.
Severity: High
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-pin-add
Open pinning can enable an attacker to flush a large amount of random data onto the node’s disk until storage space is exhausted, thus performing a denial of service attack against future uploads/pins.
INTRUSIVE = True

class teatime.plugins.ipfs.pins.EnumeratePins(cid: str = 'Qmf9vKuR6MnTEGYXhzwpMib5EFGoXPWCJh3mXTvasb3Cas')
Bases: teatime.plugins.base.IPFSRPCPlugin
Detect where it’s possible to list the node’s pins.
Severity: Low
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-pin-ls
It is possible to list all the content IDs that are pinned to the node’s local storage.
INTRUSIVE = False

class teatime.plugins.ipfs.pins.RemovePin(pin: str = 'Qmf9vKuR6MnTEGYXhzwpMib5EFGoXPWCJh3mXTvasb3Cas', restore: bool = True)
Bases: teatime.plugins.base.IPFSRPCPlugin
Detect where it’s possible to remove the node’s pins.
Severity: High
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-pin-rm
It is possible to remove any of the content IDs that are pinned to the node’s local storage. This poses a risk to data availability, as an attacker can unpin any file. The restore flag governs whether the test pin is added back afterwards; note that unpinned content only survives until the node’s next garbage collection run, so a re-pin is not guaranteed to succeed on a node running with garbage collection enabled.
INTRUSIVE = True

teatime.plugins.ipfs.shutdown module
This module contains a plugin to test a node’s remote shutdown functionality.
class teatime.plugins.ipfs.shutdown.Shutdown
Bases: teatime.plugins.base.IPFSRPCPlugin
Attempt to shut down the IPFS daemon.
Severity: Critical
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-shutdown
Anyone can shut down the IPFS daemon. Be aware that a successful run of this plugin has actually shut down the node. This is the highest possible threat to availability. Why would you leave this enabled?
INTRUSIVE = True

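Every plugin on this page carries an INTRUSIVE flag, and the Shutdown plugin shows why it matters: a hit really stops the daemon. The following is an added example, not teatime's IPFSRPCPlugin or Scanner code, of a minimal probe runner that only fires intrusive probes when explicitly allowed and treats a 200 from /api/v0/<endpoint> as "reachable without authentication". Transport is injected so the example runs offline: FakeTransport and FAKE_RESPONSES are constructed to look like a wide-open node, while http_transport() is what you would pass in against a real one.

```python
import json
import urllib.error
import urllib.parse
import urllib.request
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

# A transport maps (url, query parameters) to (HTTP status, response body).
Transport = Callable[[str, Dict[str, str]], Tuple[int, str]]


def http_transport(url: str, params: Dict[str, str]) -> Tuple[int, str]:
    """Real transport: POST, as the go-ipfs RPC API requires; HTTP errors become status codes."""
    if params:
        url += "?" + urllib.parse.urlencode(params)
    req = urllib.request.Request(url, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=5) as resp:
            return resp.status, resp.read().decode(errors="replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode(errors="replace")


@dataclass
class Probe:
    name: str
    endpoint: str        # path below /api/v0/, e.g. "version" or "log/ls"
    severity: str
    intrusive: bool      # mirrors the INTRUSIVE flag on the plugins above
    params: Dict[str, str] = field(default_factory=dict)


@dataclass
class Finding:
    probe: str
    severity: str
    detail: str


# Three probes modelled on plugins documented on this page. The shutdown
# probe stops the daemon on a hit, hence intrusive=True.
PROBES = [
    Probe("Version", "version", "Low", intrusive=False),
    Probe("EnumerateLogs", "log/ls", "Low", intrusive=False),
    Probe("Shutdown", "shutdown", "Critical", intrusive=True),
]


def run_probes(base_url: str, probes: List[Probe], transport: Transport,
               allow_intrusive: bool = False) -> Tuple[List[Finding], List[str]]:
    """Run each probe, skipping intrusive ones unless explicitly allowed.

    A 200 means the endpoint answered without authentication and is reported.
    401/403 (an auth proxy in front of the API), 404 and 405 are not findings.
    """
    findings: List[Finding] = []
    skipped: List[str] = []
    for probe in probes:
        if probe.intrusive and not allow_intrusive:
            skipped.append(probe.name)
            continue
        status, body = transport(f"{base_url}/api/v0/{probe.endpoint}", probe.params)
        if status == 200:
            findings.append(Finding(probe.name, probe.severity,
                                    f"/api/v0/{probe.endpoint} answered 200: {body[:80]!r}"))
    return findings, skipped


class FakeTransport:
    """Constructed stand-in for a node; records every URL it is asked for."""

    def __init__(self, responses: Dict[str, Tuple[int, str]]):
        self.responses = responses
        self.calls: List[str] = []

    def __call__(self, url: str, params: Dict[str, str]) -> Tuple[int, str]:
        self.calls.append(url)
        endpoint = url.split("/api/v0/", 1)[1]
        return self.responses.get(endpoint, (404, ""))


# Constructed responses, shaped like the JSON a wide-open node returns.
FAKE_RESPONSES = {
    "version": (200, json.dumps({"Version": "0.9.0", "Golang": "go1.16.5"})),
    "log/ls": (200, json.dumps({"Strings": ["bitswap", "core", "dht"]})),
    "shutdown": (200, ""),
}


if __name__ == "__main__":
    transport = FakeTransport(FAKE_RESPONSES)
    found, skipped = run_probes("http://127.0.0.1:5001", PROBES, transport)
    for finding in found:
        print(f"[{finding.severity}] {finding.probe}: {finding.detail}")
    print("skipped intrusive probes:", skipped)
```

The default run never touches /api/v0/shutdown; pass allow_intrusive=True only against a node you are authorised to knock over, and expect the Shutdown finding to be the last thing the node answers.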
teatime.plugins.ipfs.version module
This module contains plugins to probe a node’s version and find outdated dependencies.
class teatime.plugins.ipfs.version.DependencyVersion(check_dependencies: bool = True)
Bases: teatime.plugins.base.IPFSRPCPlugin
Detect whether the node’s dependency version endpoint is available.
Severity: Low
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-version-deps
The dependency endpoint lists the Go modules IPFS has been built with, together with their versions. An attacker can use this to identify outdated dependencies with known vulnerabilities and target them specifically.
INTRUSIVE = False

class teatime.plugins.ipfs.version.Version
Bases: teatime.plugins.base.IPFSRPCPlugin
Detect whether the node’s version endpoint is available.
Severity: Low
Endpoint: https://docs.ipfs.io/reference/http/api/#api-v0-version
The version endpoint reveals the Go version IPFS has been compiled with, along with repository and system information, which may contain sensitive data.
INTRUSIVE = False

teatime.plugins.ipfs.webui module
This module contains a plugin to detect a node’s exposed web interface.
class teatime.plugins.ipfs.webui.WebUIEnabled(route: str = '/webui')
Bases: teatime.plugins.base.IPFSRPCPlugin
Attempt to access the target’s Web UI.
Severity: High
Anyone can access the Web UI. A plethora of administrative actions can be performed through the web interface, including changing the node’s configuration, which can be used to open other potential attack vectors. The route is served by the RPC API listener itself, so a reachable Web UI also indicates a reachable API.
INTRUSIVE = False