📄 sinfp4.pm
字号:
## $Id: SinFP4.pm,v 1.10.2.8.2.23 2006/08/28 17:56:31 gomor Exp $#package Net::SinFP::SinFP4;use strict;use warnings;require Net::SinFP;our @ISA = qw(Net::SinFP);__PACKAGE__->cgBuildIndices;require Net::Packet::Frame;require Net::Packet::IPv4;require Net::Packet::TCP;use Net::Packet::Consts qw(:tcp);use Net::Packet::Env qw($Env);sub getIpVersion { 'IPv4' }sub _getFilterPassive { '(ip and tcp and '. '((tcp[tcpflags] & tcp-syn != 0) and'. ' (tcp[tcpflags] & tcp-ack != 0)) or'. ' (tcp[tcpflags] & tcp-syn != 0))'. ' and (not src host '.$Env->ip.')';}sub _getFilterActive { my $self = shift; 'host '.$self->target->ip.' and host '.$Env->ip;}sub _getFileNamePassive { 'sinfp4-passive.pcap' }sub _getFileNameActive { my $self = shift; 'sinfp4-'.$self->target->ip.'.'.$self->target->port.'.pcap';}sub getOfflineProbes { my $self = shift; my ($targetIp) = @_; for ($self->_dump->frames) { next unless $_->isIpv4 && $_->isTcp; if ($self->doP1 && $_->getLength == 40 && $_->l4->haveFlagSyn && ! $_->l4->haveFlagAck && ! $self->pktP1) { $self->pktP1($_); next; } if ($self->doP2 && $_->getLength == 60 && $_->l4->haveFlagSyn && ! $_->l4->haveFlagAck && ! $self->pktP2) { $self->pktP2($_); next; } if ($self->doP3 && $_->getLength == 40 && $_->l4->haveFlagSyn && $_->l4->haveFlagAck && ! $self->pktP3) { $self->pktP3($_); next; } }}sub getResponseIpTtl { shift; shift->reply->l3->ttl }sub getResponseIpId { shift; shift->reply->l3->id }sub getResponseIpDfBit { shift; shift->reply->l3->haveFlagDf }sub getProbeIpId { shift; shift->l3->id }sub getP1 { my $self = shift; my $ip4 = Net::Packet::IPv4->new( tos => 0, id => $self->_pIpId, flags => 0, offset => 0, ttl => 255, protocol => 6, dst => $self->target->ip, ); my $tcp = Net::Packet::TCP->new( src => $self->_pTcpSrc, seq => $self->_pTcpSeq, ack => $self->_pTcpAck, dst => $self->target->port, x2 => 0, flags => NP_TCP_FLAG_SYN, win => 5840, ); Net::Packet::Frame->new(l3 => $ip4, l4 => $tcp),}sub getP2 { my $self = shift; my $ip4 = Net::Packet::IPv4->new( tos => 0, id => $self->_pIpId + 1, flags => 0, offset => 0, ttl => 255, protocol => 6, dst => $self->target->ip, ); my $tcp = Net::Packet::TCP->new( src => $self->_pTcpSrc + 1, seq => $self->_pTcpSeq + 1, ack => $self->_pTcpAck + 1, dst => $self->target->port, x2 => 0, flags => NP_TCP_FLAG_SYN, win => 5840, options => "\x02\x04\x05\xb4". "\x08\x0a\x44\x45". "\x41\x44\x00\x00". "\x00\x00\x03\x03". "\x01\x04\x02\x00". "", ); Net::Packet::Frame->new(l3 => $ip4, l4 => $tcp)}sub getP3 { my $self = shift; my $ip4 = Net::Packet::IPv4->new( tos => 0, id => $self->_pIpId + 2, flags => 0, offset => 0, ttl => 255, protocol => 6, dst => $self->target->ip, ); my $tcp = Net::Packet::TCP->new( src => $self->_pTcpSrc + 2, seq => $self->_pTcpSeq + 2, ack => $self->_pTcpAck + 2, dst => $self->target->port, x2 => 0, flags => NP_TCP_FLAG_SYN | NP_TCP_FLAG_ACK, win => 5840, ); Net::Packet::Frame->new(l3 => $ip4, l4 => $tcp)}1;=head1 NAMENet::SinFP::SinFP4 - IPv4 operating system fingerprinting=head1 DESCRIPTIONGo to http://www.gomor.org/sinfp to know more.=cut=head1 AUTHORPatrice E<lt>GomoRE<gt> Auffret=head1 COPYRIGHT AND LICENSECopyright (c) 2005-2006, Patrice E<lt>GomoRE<gt> AuffretYou may distribute this module under the terms of the Artistic license.See LICENSE.Artistic file in the source distribution archive.=cut⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -