Skip to content

celsogbezerra/BigIP-Cookie-Decoder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

bigip.rb

bigip.rb

 
 

Repository files navigation

BigIP Cookie Decoder

The BIG-IP system inserts a cookie into the HTTP response, by default, is named BIGipServer<pool_name> and the cookie value contains the encoded IP address and port of the destination server.

This behavior can cause disclose local IP address of Web Server.

Reference:

Usage:

ruby bigip.rb [-h] [-u URL_TARGET] [-d BIGIP_COOKIE_VALUE]

Options:

-d Decode the cookie value.

-h Print a summary of the usage.

-u Get the BIGip value in target and decode.

Examples:

guest@hostname:~$ ruby bigip.rb -d 1677787402.36895.0000

IP address found:

IP Address : 10.33.70.12

Port : 443

guest@hostname:~$ ruby bigip.rb -u https://example.com/

BIGip cookie: 1677787402.36895.0000

IP address found:

IP Address : 10.33.70.12

Port : 443

About

Disclose IP address in Big-IP cookie

Topics

ruby script security-tools websecurity disclosures webapplication bigip-cookie

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages