Metasploit mailing list archives
MoAxB in the MSF world: target OS detection with JavaScript
From: nicob at nicob.net (Nicob)
Date: Mon, 21 May 2007 21:53:25 +0200
Le lundi 21 mai 2007 ? 09:17 +0200, Jerome Athias a ?crit :
case request['User-Agent'] when /Windows (NT |)4\.0/ myoffset = 4116 when /Windows (NT |)5\.0/ myoffset = 4116 when /Windows (NT |)5\.1/ myoffset = 4116 when /Windows (NT |)5\.2/ myoffset = 4116 when /Windows (NT |)6\.0/ myoffset = 4116 else [send 404] end
Why this code ? Is it automatically created ? I would prefer trying "myoffset = 4116" even if the User-Agent doesn't match a known one. A vulnerable ActiveX in a customized browser should still be exploitable. Nicob
Current thread:
- MoAxB in the MSF world: target OS detection with JavaScript Jerome Athias (May 18)
- MoAxB in the MSF world: target OS detection with JavaScript Kurt Grutzmacher (May 18)
- MoAxB in the MSF world: target OS detection with JavaScript Jerome Athias (May 21)
- MoAxB in the MSF world: target OS detection with JavaScript Nicob (May 21)
- MoAxB in the MSF world: target OS detection with JavaScript Jerome Athias (May 21)
- MoAxB in the MSF world: target OS detection with JavaScript Jerome Athias (May 21)
- MoAxB in the MSF world: target OS detection with JavaScript Kurt Grutzmacher (May 18)
- <Possible follow-ups>
- MoAxB in the MSF world: target OS detection with JavaScript Mike Whitehead (May 18)
- MoAxB in the MSF world: target OS detection with JavaScript Jerome Athias (May 18)