unauthorized-access-common-services

SKILL.md

SKILL: Unauthorized Access to Common Services — Expert Attack Playbook

AI LOAD INSTRUCTION: Expert techniques for exploiting unauthenticated or weakly authenticated management services. Covers Redis write-to-RCE, Rsync data theft, PHP-FPM code execution, Ghostcat AJP file read, Hadoop YARN job submission, and H2 Console JNDI. These are infrastructure-level findings distinct from web application vulnerabilities.

0. RELATED ROUTING

ssrf-server-side-request-forgery when these services are reachable via SSRF (e.g., SSRF → Redis)

jndi-injection when H2 Console or similar accepts JNDI connection strings

deserialization-insecure when RMI Registry or T3 protocol is exposed

network-protocol-attacks for layer 2/3 attacks during service enumeration

reverse-shell-techniques for shell payloads after gaining command execution

Comprehensive Port Reference

Also load PORT_SERVICE_MATRIX.md when you need:

Full exploitation matrix organized by port number (20+ services)

Enumeration, brute force, and post-exploitation per service

Quick triage during nmap/masscan output analysis