1018711288.yaml

id: telnet
info:
  name: RADLINX PASSaPORT CS terminal server telnetd
  author: nmap,cn-kali-team
  tags: detect,tech,telnet,service
  severity: info
  metadata:
    device_type: terminal server
    info: $1 ports; SW $2; HW $3
    rarity: 1
tcp:
- name: generic-lines
  inputs:
  - data: \r\n\r\n
  host:
  - '{{Hostname}}'
  port: 21,23,35,43,79,98,110,113,119,199,214,264,449,505,510,540,587,616,628,666,731,771,782,1000,1010,1080,1212,1220,1248,1302,1400,1432,1467,1501,1505,1666,2010,2024,2600,3000,3005,3128,3310,3333,3940,4155,5000,5400,5432,5555,5570,6112,6432,7144,7145,7200,7780,8000,8138,9801,11371,11965,13720,18086,19150,26214,26470,31416,30444,34012,56667,1040-1043,1687-1688,6667-6670,9000-9003,15000-15002
  extractors:
  - name: telnet
    type: regex
    regex:
    - ^\xff\xfb\x01\xff\xfd\x03\xff\xfb\x03\x1b\[2J\x1b\[H \n\r\0\x1b\[H\x1b\[JPASSaPORT CS-(\d+)  SW V([-\w_.]+) , HW V([-\w_.]+)\r\n\r\n