Passive OS Fingerprint: смена ОС. Дано: Ubuntu 16.04 сервер, на сервере подняты прокси (3proxy). При подключении через прокси с MacOS OS Fingerprint определяется как Linux 3.11 and newer [fuzzy] (http://witch.valdikss.org.ru/).
На данный момент с помощью несложных манипуляций с настройками ядра в /etc/sysctl.conf получается сменить на Android (Linux 2.2.x-3.x [generic] [fuzzy]) и Windows NT.
Нужно поменять OS Fingerprint так, чтобы http://witch.valdikss.org.ru/ определял соединение как MacOS.
Сигнатуры можно взять отсюда:
https://github.com/ValdikSS/p0f-mtu/blob/master/p0...
Вот скрипт на питоне, который должен решать проблему, но с ним что-то не так.
Готов на сейф-сделку, нужно срочно.
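import logging

# scapy reports through the "scapy.runtime" logger. The threshold is raised to
# 49 (one below logging.CRITICAL == 50) before scapy is imported, presumably to
# keep its import-time warnings off the console.
l = logging.getLogger("scapy.runtime")
l.setLevel(49)

import os
import re
import socket
# subprocess drives iptables-save / iptables-restore further down. Import it
# explicitly rather than depending on whatever `from scapy.all import *`
# happens to re-export.
import subprocess
import sys

import nfqueue
from scapy.all import *

# Module-wide scapy settings: no progress output, raw layer-3 socket class.
conf.verbose = 0
conf.L3socket = L3RawSocket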
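# Target SYN profile; the original author labels it "Win7 syn".
# These are the header fields the rest of the script compares and rewrites:
# IP fragment offset, IP TTL, TCP window size and the ordered TCP option list,
# i.e. the kind of detail a passive fingerprinting tool such as p0f reads.
# Written as a dict literal with a plain 0 (the Python-2-only `0L` long
# literal and the trailing semicolons added nothing).
chars = {
    "ip_frag": 0,
    "ip_ttl": 128,
    "tcp_window": 8192,
    "tcp_options": [
        ('MSS', 1460),
        ('NOP', None),
        ('WScale', 2),
        ('NOP', None),
        ('NOP', None),
        ('SAckOK', ''),
    ],
}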
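##########################
########################## MODIFYING FIREWALL
##########################
# Snapshot the live ruleset first; this text is what is fed back to
# iptables-restore on exit. The command is run as an argument list (no shell)
# and drained with communicate(), so a filled stderr pipe cannot stall the read.
proc = subprocess.Popen(["iptables-save"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
iptables_save, save_err = proc.communicate()
if proc.returncode != 0:
    # Without a snapshot there is nothing to restore later, so stop before the
    # ruleset is touched.
    raise RuntimeError("iptables-save failed: %r" % (save_err,))

# Derive the capture ruleset: every OUTPUT rule that ended in "-j ACCEPT" is
# redirected to NFQUEUE queue 0. Because the outgoing packets are altered, the
# replies no longer pair up with what iptables sent, so connection tracking is
# effectively broken while this ruleset is loaded (author's original note).
iptables_save_nfqueue = re.sub(r"OUTPUT(.*)-j ACCEPT", r"OUTPUT\g<1>-j NFQUEUE --queue-num 0", iptables_save)
# Loopback traffic is put back on plain ACCEPT.
iptables_save_nfqueue = re.sub(r"-A\s+OUTPUT\s+-o\s+lo\s+-j NFQUEUE --queue-num 0", "-A OUTPUT -o lo -j ACCEPT", iptables_save_nfqueue)

# NOTE(review): from here until the snapshot is restored, the rewritten OUTPUT
# rules depend on a process reading queue 0. An NFQUEUE target without
# --queue-bypass drops packets when nothing is listening, so an unclean exit
# can leave the host without outbound connectivity.
# The rules go to iptables-restore on stdin: no temporary file, no shell string.
proc = subprocess.Popen(["iptables-restore"], stdin=subprocess.PIPE, stderr=subprocess.PIPE)
restore_out, restore_err = proc.communicate(iptables_save_nfqueue)
if proc.returncode != 0:
    raise RuntimeError("iptables-restore failed: %r" % (restore_err,))
# END FIREWALL MOD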
# Link-layer (AF_PACKET) socket that send_rawsock() writes rebuilt frames to.
# It is bound to a single hard-coded interface and to protocol 0x0800 (IPv4).
_RAW_IFACE = "enp0s25"
_ETHERTYPE_IPV4 = 0x0800
s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW)
s.bind((_RAW_IFACE, _ETHERTYPE_IPV4))
def send_rawsock(pkt):
    """Serialise *pkt* and write it to the module-level raw socket ``s``."""
    # Python 2: str() of a scapy packet yields its wire bytes.
    frame = str(pkt)
    s.send(frame)
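def process(i, payload):
    """nfqueue callback: give a verdict on one queued outbound IPv4 packet.

    Everything except a bare TCP SYN is accepted unmodified. A SYN is compared
    with the profile in ``chars`` (fragment offset, TTL, window, and the TCP
    options element by element, but only when both option lists have the same
    length). A SYN judged equal is accepted; otherwise the queued packet is
    dropped and a rebuilt copy carrying the profile values is handed to
    send_rawsock().

    Integer comparisons use ``==``/``!=``; the original relied on ``is`` with
    int literals, which only works through CPython's small-integer caching.

    Args:
        i: first argument supplied by the nfqueue callback; not used.
        payload: the queued packet; get_data() and set_verdict() are called.
    """
    pkt = IP(payload.get_data())

    # 0x06 is TCP. ICMP, UDP and every other protocol are accepted untouched,
    # and so is any TCP segment whose flag field is not exactly SYN (0x02),
    # so only the first packet of a connection is ever rewritten.
    if pkt.proto != 0x06 or int(pkt[TCP].flags) != 2:
        payload.set_verdict(nfqueue.NF_ACCEPT)
        return

    orig_ip = pkt[IP]
    orig_tcp = pkt[TCP]
    wanted_opts = chars["tcp_options"]
    seen_opts = orig_tcp.options

    matches_profile = (
        orig_ip.frag == chars["ip_frag"]
        and orig_ip.ttl == chars["ip_ttl"]
        and orig_tcp.window == chars["tcp_window"]
    )
    # Option kind and value are compared pairwise only for equal-length lists.
    if len(seen_opts) == len(wanted_opts):
        for seen, wanted in zip(seen_opts, wanted_opts):
            if seen[0] != wanted[0] or seen[1] != wanted[1]:
                matches_profile = False
                break

    if matches_profile:
        payload.set_verdict(nfqueue.NF_ACCEPT)
        return

    # The kernel's own SYN is discarded; a rebuilt one is sent in its place.
    payload.set_verdict(nfqueue.NF_DROP)
    newpkt = Ether()/IP()/TCP()
    new_ip = newpkt[IP]
    new_tcp = newpkt[TCP]

    # Fields carried over unchanged. IP len, TCP dataofs and the checksums are
    # deliberately not copied (the original had the len/dataofs copies
    # commented out), presumably so scapy recomputes them for the new options.
    for field in ("version", "ihl", "tos", "id", "flags", "proto", "src", "dst", "options"):
        setattr(new_ip, field, getattr(orig_ip, field))
    for field in ("sport", "dport", "seq", "ack", "reserved", "flags", "urgptr"):
        setattr(new_tcp, field, getattr(orig_tcp, field))

    # Fields taken from the profile instead of the original packet.
    new_ip.frag = chars["ip_frag"]
    new_ip.ttl = chars["ip_ttl"]
    new_tcp.window = chars["tcp_window"]
    new_tcp.options = chars["tcp_options"]

    send_rawsock(newpkt)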
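def main(s):
    """Run the nfqueue loop on queue 0, then undo what the script changed.

    The queue is opened with process() as its callback and run until it
    returns or Ctrl-C is pressed. Cleanup sits in ``finally`` so that the
    queue and socket are released and the saved ruleset is reloaded however
    the loop ended, not only after a KeyboardInterrupt.

    Args:
        s: the raw socket opened at module level; closed during cleanup.
    """
    q = nfqueue.queue()
    q.open()
    q.set_callback(process)
    q.fast_open(0, socket.AF_INET)
    try:
        q.try_run()
    except KeyboardInterrupt:
        print("Exiting...")
    finally:
        try:
            q.unbind(socket.AF_INET)
            q.close()
            s.close()
        finally:
            # Reload the snapshot taken at startup, even if closing the queue
            # or socket failed. The rules are passed on stdin with an argument
            # list, so no temporary file or shell string is involved.
            restore = subprocess.Popen(["iptables-restore"], stdin=subprocess.PIPE, stderr=subprocess.PIPE)
            restore_err = restore.communicate(iptables_save)[1]
            if restore.returncode != 0:
                # Surface the failure: the NFQUEUE rules are still loaded.
                sys.stderr.write("iptables-restore failed: %r\n" % (restore_err,))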
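try:
    main(s)
except BaseException:
    # Deliberately broad: whatever stopped main(), the saved ruleset has to be
    # loaded again so the NFQUEUE rules do not stay in place.
    import traceback
    print("Error: caught main(s) exception")
    # Show what actually failed instead of discarding it.
    traceback.print_exc()
    # Restore the original firewall. The rules go to iptables-restore on stdin
    # with an argument list, so no temporary file or shell string is needed.
    restore = subprocess.Popen(["iptables-restore"], stdin=subprocess.PIPE)
    restore.communicate(iptables_save)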