Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Schema Redesign #14

Open
moloch-- opened this issue Sep 7, 2015 · 4 comments
Open

Schema Redesign #14

moloch-- opened this issue Sep 7, 2015 · 4 comments
Assignees
@mandatoryprogrammer
Labels
enhancement

Comments

@moloch--
Copy link
Collaborator

moloch-- commented Sep 7, 2015

Updated JSON schema to remove ambiguity around what constitutes a "fingerprint," and allow for us to more easily add more attributes:

Single "Fingerprint" Object

{
    "name": "ASUS RT-N66U",
    "created": "2015-09-07 01:02:10.229153",
    "resources": ["/images/New_ui/asustitle.png","/images/loading.gif","/images/alertImg.png","/images/New_ui/networkmap/line_one.png","/images/New_ui/networkmap/lock.png","/images/New_ui/networkmap/line_two.png","/index_style.css","/form_style.css","/NM_style.css","/other.css"],
}
  • name is a string
  • created is a UTC timestamp when the fingerprint was created
  • resources is a list of strings, which are the paths of web resources we're going to attempt to scan for

List of Fingerprints

 [
    {
        "name": "ASUS RT-N66U",
        "created": "2015-09-07 01:02:10.229153",
        "resources": ["/images/New_ui/asustitle.png","/images/loading.gif","/images/alertImg.png","/images/New_ui/networkmap/line_one.png","/images/New_ui/networkmap/lock.png","/images/New_ui/networkmap/line_two.png","/index_style.css","/form_style.css","/NM_style.css","/other.css"],

    },
    {
        "name": "Linksys WRT54G",
        "created": "2015-08-07 01:02:10.229153",
        "resources": ["/UILinksys.gif","/UI_10.gif","/UI_07.gif","/UI_06.gif","/UI_03.gif","/UI_02.gif","/UI_Cisco.gif","/style.css"],

    },
]
@CheatCodes
Copy link

+1 for the new schema. An fingerprint object would allow the fingerprint to be more flexible like specifying IP addresses or ranges for a fingerprint, this could be useful for #10. It could also by used to specify the device is only accessible over https or to add a separate version field to help automate post discovery actions like exploitation.

 [
    {
        "name": "Some device",
        "version": "1.2.3",
        "created": "2015-09-07 01:02:10.229153",
        "resources": ["/someresource.css"],
        "address": ["192.168.1.1"],
        "protocol": "https",
    },
]

@mandatoryprogrammer
Copy link
Owner

Yep this is a good idea - I'll start coding on it today (thanks @moloch-- and @x0e-foobar)

@mandatoryprogrammer mandatoryprogrammer self-assigned this Sep 7, 2015
@mandatoryprogrammer
Copy link
Owner

Changed scheme to reflect what @moloch-- suggested, will add more functionality for things such as protocol and address soon 😄

Google Chrome fingerprint generator update should be approval in an hour or two.

@moloch--
Copy link
Collaborator Author

moloch-- commented Sep 7, 2015

Adding a version is also a very good idea

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mandatoryprogrammer mandatoryprogrammer

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@moloch-- @CheatCodes @mandatoryprogrammer