lighttpd 1.4.35
tcp/8080
The Kafka instance is available to the public without authentication.
An attacker could connect to the queue to extract private/confidential information in real-time.
Fingerprint: 43224224eeda9da960defeaa0efe442a96045d0fb68249d4b68249d4b68249d4
NoAuth Found topic __consumer_offsets Found topic nc_realtime_data Found topic cmd
Fingerprint: 43224224eeda9da960defeaab5553febdec79333484c587e484c587e484c587e
NoAuth Found topic cmd Found topic __consumer_offsets Found topic nc_realtime_data
Fingerprint: 43224224eeda9da960defeaa7cb1af8fa6411d54c6015834c6015834c6015834
NoAuth Found topic nc_realtime_data Found topic cmd Found topic __consumer_offsets
Open service 118.35.16.254:8080
2024-04-25 01:53
HTTP/1.1 200 OK Content-Type: text/html Accept-Ranges: bytes Last-Modified: Tue, 01 Jul 2014 05:54:13 GMT Content-Length: 279 Connection: close Date: Thu, 25 Jan 2024 06:02:48 GMT Server: lighttpd/1.4.35 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <title></title> <script type="text/javascript" language="javascript"> document.location.replace('./home/monitoring.cgi'); </script> </head> <body></body> </html>