Skip to content

Doublepulsar

The Doublepulsar module attempts to determine if an RDP or SMB server is vulnerable to the Doublepulsar vulnerability.

Doublepulsar Request Example

curl -v -L https://api.binaryedge.io/v1/tasks -d '{"type":"scan", "options":[{"targets":["X.X.X.X"], "ports":[{"port":3389, "protocol":"tcp", "modules":["doublepulsar"]}]}]}' -H "X-Token:<Token>"

Doublepulsar Request Options

These are optional parameters that can alter the behaviour of the module. These options can be inserted into the "config" object on the request.

  • doublepulsar_mode - Whether to run the vulnerability checker in RDP or SMB mode.
    • "config":{"doublepulsar_mode":"rdp"}

Schema

Doublepulsar Event Schema

{
  ...
  "result": {
    "data": {
        "infected_with_doublepulsar": "boolean",
        "reason": "string"
    }
}

Contents of the fields:

  • infected_with_doublepulsar - Whether the remote server is vulnerable to doublepulsar or not
  • reason - Reason why the remote server was deemed vulnerable or not

Doublepulsar Event Example

{
  ...
  "result": {
    "data": {
        "infected_with_doublepulsar": false,
        "reason": "ping packet send error"
    }
  }
}