Skip to content

BinaryEdge API Documentation

Home
API V1 (Enterprise)
API V2
Search Details
Search Details
HTTP Status Messages
Data Formats
Data Formats
Sensors (Honeypots)
Sensors (Honeypots)

Doublepulsar

The Doublepulsar module attempts to determine if an RDP or SMB server is vulnerable to the Doublepulsar vulnerability.

Doublepulsar Request Example

curl -v -L https://api.binaryedge.io/v1/tasks -d '{"type":"scan", "options":[{"targets":["X.X.X.X"], "ports":[{"port":3389, "protocol":"tcp", "modules":["doublepulsar"]}]}]}' -H "X-Token:<Token>"

Doublepulsar Request Options

These are optional parameters that can alter the behaviour of the module. These options can be inserted into the "config" object on the request.

doublepulsar_mode - Whether to run the vulnerability checker in RDP or SMB mode.
- "config":{"doublepulsar_mode":"rdp"}

Schema

Doublepulsar Event Schema

{
  ...
  "result": {
    "data": {
        "infected_with_doublepulsar": "boolean",
        "reason": "string"
    }
}

Contents of the fields:

infected_with_doublepulsar - Whether the remote server is vulnerable to doublepulsar or not
reason - Reason why the remote server was deemed vulnerable or not

Doublepulsar Event Example

{
  ...
  "result": {
    "data": {
        "infected_with_doublepulsar": false,
        "reason": "ping packet send error"
    }
  }
}