nuclei-templates/network/detection/direct-connect-detect.yaml

id: direct-connect-detect

info:
  name: Direct Connect P2P - Detect
  author: pussycat0x
  severity: info
  reference:
    - https://en.wikipedia.org/wiki/Direct_Connect_(protocol)
  metadata:
    verfied: true
    shodan-query: product:"Direct Connect P2P"
    max-request: 1
  tags: js,network,detect,dc,direct-connect,p2p,discovery

tcp:
  - inputs:
      - data: 00000000
        type: hex

    host:
      - "{{Hostname}}"

    port: 548
    read-size: 1024

    matchers:
      - type: word
        words:
          - "$MyNick bb3096"
          - "$Lock EXTENDEDPROTOCOL"
        condition: or
# digest: 490a0046304402207cf1278fb46bd16752cf398ec31970cd03b58001323ecbc10b882a0bce294d820220528029f07ba733a08b5e46864163ebb0dcd23e259808bf26471a1c083a385ea2:922c64590222798bb761d5b6d8e72950