Home page logo

fulldisclosure logo Full Disclosure mailing list archives

One packet OS fingerprinting feature in SinFP3
From: GomoR <gomor-fd () gomor org>
Date: Sun, 25 Nov 2012 17:15:04 +0100

Hi list,

The latest version of SinFP3 (v1.20) introduces two  new  cool  features:  the
ability to perform a SYN scan and doing OS fingerprinting at  the  same  time.
The idea is to use SYN|ACK answers to the SYN scanning  process  to  acurately
identify the remote operating system nature.  The  second  new  feature  is  a
server  mode  allowing  third-party  applications   to   access   the   SinFP3
fingerprinting engine. We also created a new output plugin to display  results
in a simpler manner than in previous versions of SinFP3.



# sinfp3.pl -synscan-fingerprint -target openbsd.org -port top10 -best-score
[+] [J:0] Loaded Input:  Net::SinFP3::Input::SynScan
[+] [J:0] Loaded DB:     Net::SinFP3::DB::SinFP3
[+] [J:0] Loaded Mode:   Net::SinFP3::Mode::Active
[+] [J:0] Loaded Search: Net::SinFP3::Search::Active
[+] [J:0] Loaded Output: Net::SinFP3::Output::Simple
[+] [J:0] Starting of Input [Net::SinFP3::Input::SynScan]
[+] [J:1] Starting of job with Next []:25 flags: 0x12
[+] [J:2] Starting of job with Next []:80 flags: 0x12
[  ]:80     reverse: unknown  [ 94%: OpenBSD 4.x]
[  ]:80     reverse: unknown  [ 94%: OpenBSD 3.x]
[  ]:25     reverse: unknown  [100%: OpenBSD 4.x]
[  ]:25     reverse: unknown  [100%: OpenBSD 3.x]


http://patriceauffret.com/  - @PatriceAuffret
http://www.networecon.com/  - @networecon
http://www.secure-side.com/ - @secure_side

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • One packet OS fingerprinting feature in SinFP3 GomoR (Nov 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]