1 / 10

Operating System Fingerprinting Library

Operating System Fingerprinting Library. Introduction History Library Future. Introduction. This is the introduction of a Operating System Fingerprinting Library Who is this code for? Black Hats White Hats Cat in the Hat Who is this talk for? Black Hats White Hats Developers

gcook
Download Presentation

Operating System Fingerprinting Library

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Operating System Fingerprinting Library • Introduction • History • Library • Future

  2. Introduction • This is the introduction of a Operating System Fingerprinting Library • Who is this code for? • Black Hats • White Hats • Cat in the Hat • Who is this talk for? • Black Hats • White Hats • Developers • This is a Deep Knowledge Track about beta code!!! • (Translation) This talk is more about tomorrow than today! Most of what will be presented here is less useful then it is an indication about the way things will be. • (Translation) You will not get the code on my ftp to compile on your first try!

  3. The History of Operating System Fingerprinting

  4. Library • Each test is written in two separate .c files • One file for sending functions • One for listening • For instance nmap_T1.c and nmap_TX_listen.c • One function per file • Arguments to each function are everything that should be handled in the Test Logic. • char *nmap_T1(u_long src_ip, ulong dst ip, u_short src_prt, u_short dst_prt, u_int seq)

  5. Library Java • All Files begin with J ( so I can see the java library w/ ls J*) • All Tests are extensions from JOSTest • JOSTest contains the Family structure of OSLib • Abstract Class JOSTest • { • String OSFamilyName • String OSMajorVersion • String OSMinorVersion • String OSOther • String OSArch • ….. Etc • }

  6. JOSLib • Extensions to JOSTest are required to implement runtest() • Runtest() should be threaded wherever possible • JOSTest should also contains comparison methods useful for doing Set functions on groups of Tests. • This way you can search a group of Tests for equality or subset using class calls

  7. A look at the code • Open file nmap_T1.c • Open file x_mr.c • Open file JOSimp.c • Open file JOSTest.java • Open file JnmapTXOSTest.java

  8. Trivial Example App • Show trivial app

  9. Perl Module and C++ module • On the way…

  10. Future • New Tests • Ring • Other older tests??? • Service Fingerprinting • Winfingerprint • Other Service fingerprinters??? • Integration with lib-whisker??? • CVE Database – Operating System and Service Abstract Map • Create a very consistent map of what OS Version is vulnerable with regards to what is possible via fingerprinting… • Develop… Simple Scanner • LibOS Apache Module

More Related