id: weblogic-iiop-detect
info:
name: Weblogic IIOP Protocol Detection
author: F1tz
severity: info
description: |
The IIOP (Internet Inter-ORB Protocol) protocol makes it possible for distributed programs written in different programming languages to communicate over the Internet.
metadata:
max-request: 1
tags: network,weblogic,detect,oracle,iiop,detection,tcp
tcp:
- inputs:
- data: "{{hex_decode('47494f50010200030000001700000002000000000000000b4e616d6553657276696365')}}"
host:
- "{{Hostname}}"
read-size: 1024
matchers-condition: and
matchers:
- type: word
words:
- "GIOP"
- "weblogic"
condition: and
# digest: 490a0046304402204b944762be7f3dc608016540d7a4eae845b310a498890bbd43a1d3927b0b0f7602207df6a840fde3ada3965fa8d995e6d130724e11d336208e1168fdfd503cee412b:922c64590222798bb761d5b6d8e72950