ettercap-0.8.3.1.tar.gz: .../ec_fingerprint.h

"Fossies" - the Fresh Open Source Software Archive

Member "ettercap-0.8.3.1/include/ec_fingerprint.h" (1 Aug 2020, 2836 Bytes) of package /linux/privat/ettercap-0.8.3.1.tar.gz:

As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "ec_fingerprint.h" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report:

0.8.3_vs_0.8.3.1.

    1 #ifndef ETTERCAP_FINGERPRINT_H
    2 #define ETTERCAP_FINGERPRINT_H
    3 
    4 EC_API_EXTERN int fingerprint_init(void);
    5 EC_API_EXTERN int fingerprint_search(const char *f, char *dst);
    6 EC_API_EXTERN void fingerprint_default(char *finger);
    7 EC_API_EXTERN void fingerprint_push(char *finger, int param, int value);
    8 EC_API_EXTERN u_int8 TTL_PREDICTOR(u_int8 x);
    9 EC_API_EXTERN int fingerprint_submit(char* host, char* page, const char *finger, const char *os);
   10 
   11 #define DEFAULT_HOST "https://www.ettercap-project.org"
   12 #define DEFAULT_PAGE "fingerprint.php"
   13 
   14 /*
   15  *  The fingerprint database has the following structure:                  
   16  *                                                                         
   17  *  WWWW:MSS:TTL:WS:S:N:D:T:F:LEN:OS                                       
   18  *                                                                         
   19  *  WWWW: 4 digit hex field indicating the TCP Window Size                 
   20  *  MSS : 4 digit hex field indicating the TCP Option Maximum Segment Size 
   21  *        if omitted in the packet or unknown it is "_MSS"                 
   22  *  TTL : 2 digit hex field indicating the IP Time To Live                 
   23  *  WS  : 2 digit hex field indicating the TCP Option Window Scale         
   24  *        if omitted in the packet or unknown it is "WS"                   
   25  *  S   : 1 digit field indicating if the TCP Option SACK permitted is true
   26  *  N   : 1 digit field indicating if the TCP Options contain a NOP        
   27  *  D   : 1 digit field indicating if the IP Don't Fragment flag is set    
   28  *  T   : 1 digit field indicating if the TCP Timestamp is present         
   29  *  F   : 1 digit ascii field indicating the flag of the packet            
   30  *        S = SYN                                                          
   31  *        A = SYN + ACK                                                    
   32  *  LEN : 2 digit hex field indicating the length of the packet            
   33  *        if irrilevant or unknown it is "LT"                              
   34  *  OS  : an ascii string representing the OS                              
   35  */
   36 
   37 
   38 enum {
   39    FINGER_LEN = 28,
   40    OS_LEN     = 60,
   41    HOST_LEN   = 100,
   42    PAGE_LEN   = 100,
   43    FINGER_WINDOW     = 0,
   44    FINGER_MSS        = 5,
   45    FINGER_TTL        = 10,
   46    FINGER_WS         = 13,
   47    FINGER_SACK       = 16,
   48    FINGER_NOP        = 18,
   49    FINGER_DF         = 20,
   50    FINGER_TIMESTAMP  = 22,
   51    FINGER_TCPFLAG    = 24,
   52    FINGER_LT         = 26,
   53 };
   54 
   55 /* 
   56  * the structure for passive information
   57  * carried by PO
   58  */
   59 
   60 struct passive_info {
   61    char fingerprint[FINGER_LEN+1];
   62    char flags;
   63       #define FP_UNKNOWN         0  /* this happen reading form a file */
   64       #define FP_HOST_LOCAL      1
   65       #define FP_HOST_NONLOCAL   1<<1
   66       #define FP_GATEWAY         1<<2
   67       #define FP_ROUTER          1<<3
   68 };
   69 
   70 
   71 #endif
   72 
   73 /* EOF */
   74 
   75 // vim:ts=3:expandtab
   76