Most of today's tools for fingerprinting focus on server-side services. Well-known and widely accepted implementations of such utilities are available for HTTP web services, SMTP mail servers, FTP servers and even telnet daemons. Of course, many attack scenarios focus on server-side attacks. Attacks targeting web clients are becoming more and more popular. Browser-targeted attacks, drive-by pharming and web-based phishing present a broad range of threats while surfing the World Wide Web. Attackers might initialize and optimize their attacks by fingerprinting the target application to find the best possible way to compromise the client.

The browserrecon project sets out to prove that client-side fingerprinting is possible and useful too. In the implementation, currently available in PHP only, the given web browser is identified by the HTTP requests it sends. Similar to the HTTP fingerprinting provided by httprecon, the header lines and values are analyzed and compared to a fingerprint database.

The current implementation of browserrecon is provided as a PHP script and is ready for live testing on the project web site. Web-based scripting languages that can access the HTTP headers sent by the client are able to provide the same functionality. A port for classic ASP (Active Server Pages) is available. Further ports to ASP.NET, JSP and traditional CGI are possible. Even the web server itself or an inline device (e.g. a sniffer or a firewall) might be able to do the same fingerprinting of the HTTP request behavior.

A very similar approach for client-side application fingerprinting can be applied to other services and clients too. For example, mail clients can be identified by their individual SMTP and POP3 command chains. Or FTP clients might be determined by their specific command sequences.

The application works in a very straightforward way. Whenever the given HTTP headers are sent to browserrecon for analysis, the identification process starts. These can be dissected to identify specific fingerprint elements, which are looked up in the local fingerprint database. If there is a match, the corresponding implementation is flagged as "identified".
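The identification steps described in this text (dissect the request headers into fingerprint elements, look them up in a local database, flag a match), as an added Python example that is not browserrecon's code. The database contents, the labels `browser-A`, `browser-B` and `cli-client-C`, the hit-count scoring with its `min_hits` threshold and tie rule, and the function names `dissect` and `identify` are all assumptions made for illustration.

```python
from collections import Counter

# Constructed database: element -> implementations (not browserrecon's data).
FINGERPRINT_DB = {
    ("header-order", "host,user-agent,accept,accept-language,accept-encoding,connection"): ["browser-A"],
    ("header-order", "host,connection,user-agent,accept,accept-encoding,accept-language"): ["browser-B"],
    ("header-order", "host,user-agent,accept"): ["cli-client-C"],
    ("accept", "*/*"): ["cli-client-C"],
    ("accept", "text/html,application/xhtml+xml,*/*;q=0.8"): ["browser-A", "browser-B"],
    ("connection", "keep-alive"): ["browser-A", "browser-B"],
    ("accept-encoding", "gzip, deflate"): ["browser-A"],
    ("accept-encoding", "gzip, deflate, br"): ["browser-B"],
}

def dissect(raw_request):
    """Split a raw HTTP request head into (kind, value) fingerprint elements."""
    headers = []
    for line in raw_request.replace("\r\n", "\n").split("\n")[1:]:  # skip request line
        if not line.strip():
            break  # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    elements = [("header-order", ",".join(name for name, _ in headers))]
    # Host and User-Agent values are skipped (an assumption of this example) so
    # the result rests on request structure, not the client's self-description.
    elements += [(n, v) for n, v in headers if n not in ("host", "user-agent")]
    return elements

def identify(raw_request, min_hits=2):
    """Return (identified_implementation_or_None, hit_counts)."""
    hits = Counter()
    for element in dissect(raw_request):
        for implementation in FINGERPRINT_DB.get(element, []):
            hits[implementation] += 1
    ranked = hits.most_common(2)
    # Flag as "identified" only on enough hits and an unambiguous lead.
    if not ranked or ranked[0][1] < min_hits:
        return None, dict(hits)
    if len(ranked) > 1 and ranked[1][1] == ranked[0][1]:
        return None, dict(hits)
    return ranked[0][0], dict(hits)

# Constructed request: browser-style User-Agent, but a CLI-style header layout.
SAMPLE = ("GET / HTTP/1.1\r\nHost: example.test\r\n"
          "User-Agent: Mozilla/5.0 (constructed)\r\nAccept: */*\r\n\r\n")

if __name__ == "__main__":
    print(identify(SAMPLE))
```

On the server side, a disagreement between the structural match and the claimed User-Agent is itself a useful signal to log.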