Metasploit mailing list archives

MoAxB in the MSF world: target OS detection with JavaScript

From: nicob at nicob.net (Nicob)
Date: Mon, 21 May 2007 21:53:25 +0200

Le lundi 21 mai 2007 ? 09:17 +0200, Jerome Athias a ?crit :

                case request['User-Agent']
                        when /Windows (NT |)4\.0/
                                myoffset = 4116
                        when /Windows (NT |)5\.0/
                                myoffset = 4116
                        when /Windows (NT |)5\.1/
                                myoffset = 4116
                        when /Windows (NT |)5\.2/
                                myoffset = 4116
                        when /Windows (NT |)6\.0/
                                myoffset = 4116
                        else
                                [send 404]
                end


Why this code ? Is it automatically created ? I would prefer trying
"myoffset = 4116" even if the User-Agent doesn't match a known one. A
vulnerable ActiveX in a customized browser should still be exploitable.

Nicob

Current thread:

MoAxB in the MSF world: target OS detection with JavaScript Jerome Athias (May 18)
- MoAxB in the MSF world: target OS detection with JavaScript Kurt Grutzmacher (May 18)
  - MoAxB in the MSF world: target OS detection with JavaScript Jerome Athias (May 21)
    - MoAxB in the MSF world: target OS detection with JavaScript Nicob (May 21)
    - MoAxB in the MSF world: target OS detection with JavaScript Jerome Athias (May 21)
- <Possible follow-ups>
- MoAxB in the MSF world: target OS detection with JavaScript Mike Whitehead (May 18)
  - MoAxB in the MSF world: target OS detection with JavaScript Jerome Athias (May 18)