---
title: "9042 - Cassandra"
weight: 9042
date: "2026-03-10T10:03:28+08:00"
lastmod: "2026-03-10T13:26:55+08:00"
---

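💡 **Study note**: This document covers penetration-testing methods for **Cassandra** and is intended as a reference for information-security beginners and practitioners.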

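⚠️ **Legal notice**: This document is for study and authorized testing only. Testing systems without authorization may violate laws and regulations.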

---

## 9042/9160 - Pentesting Cassandra

### Basic Information

**Apache Cassandra** is a **highly scalable**, **high-performance** distributed database designed to handle **large amounts of data** across many **commodity servers**, providing **high availability** with no **single point of failure**. It is a type of **NoSQL database**.

In several cases, you may find that Cassandra accepts **any credentials** (because no authentication is configured), which could allow an attacker to **enumerate** the database.

**Default port:** 9042, 9160

```
PORT     STATE SERVICE   REASON
9042/tcp open  cassandra-native Apache Cassandra 3.10 or later (native protocol versions 3/v3, 4/v4, 5/v5-beta)
9160/tcp open  cassandra syn-ack
```
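
The "accepts any credentials" condition is visible at the native-protocol level: a node with no authenticator configured answers a STARTUP frame with READY, while a node that enforces authentication answers with AUTHENTICATE and the authenticator class name. The following is an added example (not from the original page) that builds the v4 STARTUP frame and classifies the reply; the function names `build_startup`, `classify_response` and `probe` are hypothetical, and the sample frames are constructed rather than captured.

```python
import socket
import struct

# CQL native protocol v4 opcodes (from the protocol specification)
OP_ERROR, OP_STARTUP, OP_READY, OP_AUTHENTICATE = 0x00, 0x01, 0x02, 0x03


def build_startup(version: int = 4, stream: int = 1) -> bytes:
    """STARTUP request: 9-byte header + [string map] {"CQL_VERSION": "3.0.0"}."""
    def cql_string(s: str) -> bytes:
        raw = s.encode()
        return struct.pack(">H", len(raw)) + raw
    body = struct.pack(">H", 1) + cql_string("CQL_VERSION") + cql_string("3.0.0")
    return struct.pack(">BBhBI", version, 0, stream, OP_STARTUP, len(body)) + body


def classify_response(frame: bytes) -> dict:
    """Decide from the reply to STARTUP whether the node enforces authentication."""
    if len(frame) < 9:
        return {"status": "truncated"}
    version, _flags, _stream, opcode, length = struct.unpack(">BBhBI", frame[:9])
    if not version & 0x80:  # high bit marks a response frame
        return {"status": "not-a-response"}
    body = frame[9:9 + length]
    if opcode == OP_READY:
        return {"status": "no-auth"}  # session usable without credentials
    if opcode == OP_AUTHENTICATE and len(body) >= 2:
        (n,) = struct.unpack(">H", body[:2])
        return {"status": "auth-required", "authenticator": body[2:2 + n].decode()}
    if opcode == OP_ERROR and len(body) >= 6:
        code, n = struct.unpack(">iH", body[:6])
        return {"status": "error", "code": code, "message": body[6:6 + n].decode()}
    return {"status": "unexpected", "opcode": opcode}


def probe(host: str, port: int = 9042, timeout: float = 5.0) -> dict:
    """Send STARTUP to a node and classify its first reply."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_startup())
        return classify_response(s.recv(4096))


# Constructed sample replies (not captured from a real cluster)
AUTH_CLASS = b"org.apache.cassandra.auth.PasswordAuthenticator"
SAMPLE_READY = bytes([0x84, 0, 0, 1, OP_READY]) + struct.pack(">I", 0)
SAMPLE_AUTH = (bytes([0x84, 0, 0, 1, OP_AUTHENTICATE])
               + struct.pack(">I", 2 + len(AUTH_CLASS))
               + struct.pack(">H", len(AUTH_CLASS)) + AUTH_CLASS)
```

A `no-auth` result from `probe` on a node in your inventory means the authenticator should be switched to one that enforces credentials before the port is reachable from untrusted networks.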

### Enumeration

#### Manual

```bash
pip install cqlsh
cqlsh <IP>
```

```sql
-- Basic info enumeration (thrift_version was removed from system.local in Cassandra 4.0; drop that column there)
SELECT cluster_name, thrift_version, data_center, partitioner, native_protocol_version, rack, release_version FROM system.local;
-- Keyspace enumeration (Cassandra 2.x)
SELECT keyspace_name FROM system.schema_keyspaces;
-- Keyspace enumeration (Cassandra 3.0 and later, where the schema tables moved to system_schema)
SELECT keyspace_name FROM system_schema.keyspaces;
-- Describe that DB
desc <Keyspace_name>
-- Describe the DB called system_auth
desc system_auth
-- Retrieve that info, can contain credential hashes
SELECT * FROM system_auth.roles;
-- Can contain credential hashes
SELECT * FROM logdb.user_auth;
SELECT * FROM logdb.user;
SELECT * FROM configuration."config";
```

#### Automated

There aren't many options here, and nmap doesn't obtain much information.

```bash
nmap -sV --script cassandra-info -p <PORT> <IP>
```

#### [**Brute force**](../generic-hacking/brute-force.md#cassandra)

#### **Shodan**

`port:9160 Cluster`\
`port:9042 "Invalid or unsupported protocol version"`

---


### Search Engine Syntax

#### FOFA

```bash
# FOFA search syntax
port="9042"
```

#### Shodan

```bash
# Shodan search syntax
port:9042
```

#### ZoomEye

```bash
# ZoomEye search syntax
port:9042
```

---

## 📖 References

- [HackTricks - 9042-cassandra](https://book.hacktricks.wiki/en/network-services-pentesting/9042-cassandra.html)

