Use consul to discover new targets

[pierresouchay]

Instead of providing a list of targets, it would be possible to find other targets using Consul discovery to find all vulnerable targets ;)

[djhashh]

Yeah, I'd like that. What's the preferred way now? Shodan etc?

[pierresouchay]

1. Call /v1/agent/members on the target => will give your the list of agents in the same cluster in a JSON, in this list, identify servers (the instances having Tag.role == 'consul'), you can now iterate on all agents of the current cluster
2. On servers, call /v1/agent/members?wan server target to get the other cluster(s), then retry step 1 on new targets in other clusters :-)