patch-1
sandeep 2023-09-29 14:51:39 +05:30
parent e109f59372
commit 9fa9792dbf
1 changed files with 6 additions and 6 deletions

View File

@ -4,7 +4,6 @@ info:
name: BGP Detection
author: danfaizer
severity: info
tags: network,bgp,detect
description: |
The remote host is running BGP, a popular routing protocol. This indicates that the remote host is probably a network router.
impact: |
@ -16,10 +15,14 @@ info:
reference:
- https://www.acunetix.com/vulnerabilities/network/vulnerability/bgp-detection/
- https://www.tenable.com/plugins/nessus/11907
metadata:
shodan-query: product:"BGP"
tags: network,bgp
tcp:
- inputs:
- data: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF001D010400FFFF0000B4C0
type: hex
# Source: https://www.rfc-editor.org/rfc/rfc4271.html#section-4.2
# FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF represents the 16-byte marker field.
# 001D is the total length of the BGP message, including the 19 bytes of the header and the optional parameters.
@ -28,15 +31,12 @@ tcp:
# FFFF represents the Autonomous System Number (ASN) in hexadecimal format.
# 0000 represents the Hold Time.
# B4C0 represents the BGP Identifier, usually an IP address in hexadecimal format.
type: hex
name: resp
host:
- "{{Hostname}}"
- "{{Host}}:179"
port: 179
read-size: 16
matchers:
- type: word
encoding: hex