fix(services): Resolve protocol realism gaps and update technical debt register

- Add dynamic challenge nonces to Postgres, VNC, and SIP. - Add basic keyspace lookup and mock data to Redis. - Correct MSSQL TDS pre-login offset bounds. - Support MongoDB OP_MSG handshake version checking. - Suppress Werkzeug HTTP server headers and normalize FTPAnonymousShell response. - Add tracking for Dynamic Bait Store (DEBT-027) via DEBT.md.
2026-04-10 02:16:42 -04:00
parent 5cb6666d7b
commit f583b3d699
10 changed files with 220 additions and 38 deletions
--- a/templates/mssql/server.py
+++ b/templates/mssql/server.py
@@ -14,27 +14,30 @@ NODE_NAME = os.environ.get("NODE_NAME", "dbserver")
 SERVICE_NAME   = "mssql"
 LOG_TARGET = os.environ.get("LOG_TARGET", "")

-# Minimal TDS pre-login response
 _PRELOGIN_RESP = bytes([
-    0x04, 0x01, 0x00, 0x2b, 0x00, 0x00, 0x01, 0x00,  # TDS header type=4, status=1, len=43
-    # VERSION option
+    0x04, 0x01, 0x00, 0x2f, 0x00, 0x00, 0x01, 0x00,  # TDS header type=4, status=1, len=47
+    # 0. VERSION option
    0x00, 0x00, 0x1a, 0x00, 0x06,
-    # ENCRYPTION option (not supported = 0x02)
+    # 1. ENCRYPTION option
    0x01, 0x00, 0x20, 0x00, 0x01,
-    # INSTOPT
+    # 2. INSTOPT
    0x02, 0x00, 0x21, 0x00, 0x01,
-    # THREADID
+    # 3. THREADID
    0x03, 0x00, 0x22, 0x00, 0x04,
+    # 4. MARS
+    0x04, 0x00, 0x26, 0x00, 0x01,
    # TERMINATOR
    0xff,
-    # version data: 16.00.1000
-    0x10, 0x00, 0x03, 0xe8, 0x00, 0x00,
+    # version data: 14.0.2000
+    0x0e, 0x00, 0x07, 0xd0, 0x00, 0x00,
    # encryption: NOT_SUP
    0x02,
-    # instance name NUL
+    # instopt
    0x00,
    # thread id
-    0x00, 0x00, 0x00, 0x01,
+    0x00, 0x00, 0x00, 0x00,
+    # mars
+    0x00,
 ])