9042/9160 - Pentesting Cassandra
Basic Information
Apache Cassandra is a highly scalable, high-performance distributed database designed to handle large amounts of data across many commodity servers, providing high availability with no single point of failure. It is a type of NoSQL database.
In several cases, you may find that Cassandra accepts any credentials (as there aren't any configured) and this could potentially allow an attacker to enumerate the database.
Default port: 9042,9160
Enumeration
Manual
Automated
There aren't much options here and nmap doesn't obtain much info
Shodan
port:9160 Cluster
port:9042 "Invalid or unsupported protocol version"
Last updated