sinfp3.pl [options] -target ip|ip6|hostname -port port|portList
# Single port active fingerprinting
sinfp3.pl -target example.com -port 80 -input-ipport -verbose 1
# Single port IPv6 active fingerprinting
sinfp3.pl -target example.com -port 80 -input-ipport -verbose 1 -6
# SynScan active fingerprinting of a single target
sinfp3.pl -target example.com -port top100 -verbose 1
# SynScan IPv6 active fingerprinting of a single target
sinfp3.pl -target example.com -port top100 -verbose 1 -6
# SynScan active fingerprinting of a target subnet
sinfp3.pl -target 192.0.43.0/24 -port top100 -verbose 1
# Passive fingerprinting
sinfp3.pl -mode-passive -search-active -input-sniff -verbose 1
# Passive IPv6 fingerprinting
sinfp3.pl -mode-passive -search-active -input-sniff -verbose 1 -6
# Active fingerprinting of LAN
sinfp3.pl -input-arpdiscovery -verbose 1
# Active fingerprinting of IPv6 LAN
sinfp3.pl -input-arpdiscovery -verbose 1 -6
# Simply SynScan the target
sinfp3.pl -target example.com -port full -mode-null -search-null -db-null -verbose 1
Options -

Global:
-version
    Print sinfp3.pl version.
-help
    This help message.
-target ip|ip6|hostname
    Target. This is used to auto-detect some global parameters like device or ip.
-port port|portList|top10|top100|top1000|all
    Target port. Defaults to top10 ports for plugins able to handle multiple ports. This format is documented in `perldoc Net::SinFP3::Global' expandPorts method.
-port-src port
    Source port to use. Not supported by all plugins.
-6
    Use IPv6 fingerprinting where available. Default to off.
-jobs number
    Maximum number of jobs in parallel. Default: 10.
-dns-resolve
    Do DNS resolution for target. Default to yes.
-dns-reverse
    Do a reverse DNS lookup for targets. Default to no.
-device name
    Network device to use. Default to auto-detect.
-thread
    Use threaded worker model (discouraged). Fork is used by default (and in Perl, it is better than ithreads).
-retry times
    Re-launch probes the specified number of times. Default: 3.
-timeout seconds
    Time in seconds before timing out. Default: 3.
-pps number
    Number of packets per second. Default: 200.
-ip-src ip
    The source IPv4 address to use. Default to auto-detect.
-ip6-src ip6
    The source IPv6 address to use. Default to auto-detect.
-mac-src mac
    The source MAC address to use. Default to auto-detect.
-subnet-src subnet
    The source IPv4 subnet address to use. Default to auto-detect.
-subnet6-src subnet
    The source IPv6 subnet address to use. Default to auto-detect.
-ip-gateway ip
    The gateway IPv4 address to use. Default to auto-detect.
-ip6-gateway ip6
    The gateway IPv6 address to use. Default to auto-detect.
-mac-gateway mac
    The gateway MAC address to use. Default to auto-detect.
-verbose level
    Use the following verbose level number. Between 0 and 3, from the least verbose to the most verbose. Default to 1.
-threshold score
    Use the specified threshold for plugins supporting it. Default to no threshold (0).
-best-score
    Only gather results for the best matches. Default to not.

Manually select all plugins and their options:
-input plugin
    Use specified plugin for input. Default input plugin is Net::SinFP3::Input::SynScan.
-input-arg plugin-arg
    Parameter to the specified input plugin. Must use multiple times to give multiple parameters.
-db plugin
    Use specified plugin for db. Default DB plugin is Net::SinFP3::DB::SinFP3. Example: "sinfp3.pl -db SinFP3 -db-arg file=sinfp3.db".
-db-arg plugin-arg
    Parameter to the specified db plugin. Must use multiple times to give multiple parameters.
-mode plugin
    Use specified plugin for mode. Default mode plugin is Net::SinFP3::Mode::Active.
-mode-arg plugin-arg
    Parameter to the specified mode plugin. Must use multiple times to give multiple parameters.
-search plugin
    Use specified plugin for search. Default search plugin is Net::SinFP3::Search::Active.
-search-arg plugin-arg
    Parameter to the specified search plugin. Must use multiple times to give multiple parameters.
-output plugin
    Use specified plugin for output. Default output plugin is Net::SinFP3::Output::Console.
-output-arg plugin-arg
    Parameter to the specified output plugin. Must use multiple times to give multiple parameters.

Plugin loading options:
input-null
    Turn off input plugin.
input-arpdiscover
    Use ARP scanning on the local subnet to discover targets. Works also with -6 argument.
input-pcap
    Take a pcap file (or files) as input.
input-synscan
    Perform a TCP SYN scan to find open ports. Default plugin.
input-ipport
    Use only target IP or hostname and one port.
input-sniff
    Listen on the network to capture frames.
input-signature
    Will ask the end-user to paste an active signature as a string.
input-signaturep
    Will ask the end-user to paste a passive signature as a string.
mode-null
    Turn off mode plugin.
mode-active
    Run using active plugin. This does active OS fingerprinting via SinFP3 engine.
mode-passive
    Run using passive plugin. This does passive OS fingerprinting via SinFP3 engine.
db-null
    Turn off DB plugin.
db-sinfp3
    Use Net::SinFP3::DB::SinFP3 database plugin. Default plugin.
search-null
    Turn off search plugin.
search-active
    Perform a search through a database in active mode. Default plugin.
search-passive
    Perform a search through a database in passive mode.
log-null
    Turn off log plugin.
log-console
    Log messages to the console. Default plugin.
output-null
    Turn off output plugin.
output-console
    Render output to the console. Default plugin.
output-dumper
    Prints a dump to the console.
output-osonly
    Only outputs operating system, and not full details of the fingerprint.
output-osversionfamily
    Only outputs operating system and its version family, and not full details of the fingerprint.
output-pcap
    Saves a trace to a pcap file. You can replay it afterwards using Net::SinFP3::Input::Pcap.
output-csv
    Saves fingerprinting results to a CSV file. You can use -csv-file to choose the output file.
output-ubigraph
    Takes a CSV file and displays results using Ubigraph. You must use a CSV file as generated by Net::SinFP3::Output::CSV. You can use -csv-file to choose the input file.

Plugin specific options:
-db-update
    Will update the database for the selected Net::SinFP3::DB plugin.
-db-file file
    Database file to use. Default is plugin dependent.
-sniff-promiscuous
    Use promiscuous mode while sniffing. Default to true.
-pcap-anonymize
    Replaces IP source and destination addresses (and updates IP/TCP checksums) to anonymize a pcap output. Default to not.
-pcap-append
    Append to an already existing pcap file. Default to not.
-pcap-filter pcap
    Use specified pcap filter. Use it where available.
-csv-file file
    Use input taken from specified CSV file.
-pcap-file file|fileList
    Use input taken from specified pcap file or fileList. FileList uses Perl glob function.
-active-3
    Run all probes in active mode (default).
-active-2
    Run only probes P1 and P2 in active mode (stealthier).
-active-1
    Run only probe P2 in active mode (even stealthier).
Changelog -
Revision history for Perl extension Net::SinFP.
1.00 Sat Sep 21 15:33:18 CEST 2012
- improvement: added a score (easier to understand than matching masks)
- improvement: added patternTcpWScale and patternTcpOLength
- improvement: -4 parameter no more required
=> new algo matches all signatures, and keeps the best matches
- improvement:
=> new algo matches all signatures (v4 and v6), and keeps the best
- improvement: new passive fingerprinting engine
- feature: multiple output modules are available
- feature: update database argument
- feature: now using Net::Frame modules
- feature: generated pcap file now contains hostname i/o IP
- feature: generate IPv6 anonymous pcap as with IPv4
- feature: auto-lookup IPv6 target MAC address
- update: P1 now uses TCP MSS option to avoid filtering device to
drop packets without this option
- update: SQL database schema (OsVersionChildren table)
- update: sinfp.pl and sinfp.db becomes sinfp3.pl and sinfp3.db
- ... and lots of bug fixes
Net::SinFP3
===========
To know more: http://www.networecon.com/tools/sinfp/
INSTALLATION
To install this module type the following:
perl Makefile.PL
make
make test
make install
DEPENDENCIES
This module requires these other modules and libraries:
Perl v5.6.1
Class::Gomor
Data::Dumper
DBD::SQLite
DBI
Digest::MD5
File::Glob
FindBin
Frontier::Client
IO::Socket::INET
IO::Socket::INET6
LWP::UserAgent
Net::Frame
Net::Frame::Device
Net::Frame::Dump
Net::Frame::Layer::IPv6
Net::Frame::Simple
Net::Libdnet
Net::Netmask
Net::Write
Net::Write::Fast
Parallel::ForkManager
POSIX
Socket
Socket6