Before DNS changes were made, `nmapAutomator` used to quickly guess the type of operating system based on the TTL from the server. This functionality still works for IP but doesn't in the case of domains. This is due to the response ping command in the `checkPing()` function.
In case of an IP, the TTL result is accurate: `ping -c 1 -W 3 10.10.20.196`, which when cleaned for TTL with `ping -c 1 -W 3 10.10.20.196 | grep ttl | cut -d " " -f 6 | cut -d "=" -f 2` gives the accurate TTL, `63` in this case. But this doesn't return an accurate TTL value in case of a domain: `ping -c 1 -W 3 chocolatefactory.thm | grep ttl | cut -d " " -f 6 | cut -d "=" -f 2` will return the ICMP sequence number, `1` in this case. We can bypass this with a simple check to see if this is an IP address.
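
The field shift described above, as an added example that is not part of the original post or of nmapAutomator: it runs the quoted positional pipeline and a token-based alternative over two reply lines. The function names and both sample lines are assumptions constructed for illustration (iputils-style ping output).

```shell
#!/bin/sh
# Added example; function names are hypothetical, not nmapAutomator's own.

# Positional extraction as quoted in the post: field 6, then the value after "=".
ttl_by_position() {
  grep ttl | cut -d " " -f 6 | cut -d "=" -f 2
}

# Token-based extraction: locate the "ttl=" token wherever it sits in the line,
# so an extra "hostname (ip):" field cannot shift the result.
ttl_by_token() {
  awk '{
    for (i = 1; i <= NF; i++)
      if (tolower($i) ~ /^ttl=[0-9]+$/) { split($i, kv, "="); print kv[2]; exit }
  }'
}

# Constructed sample reply lines, not captured output.
# IP target:     field 4 is "10.10.20.196:", so ttl= is field 6.
# Domain target: fields 4-5 are "name (ip):", so ttl= moves to field 7.
IP_REPLY='64 bytes from 10.10.20.196: icmp_seq=1 ttl=63 time=45.2 ms'
DOMAIN_REPLY='64 bytes from chocolatefactory.thm (10.10.20.196): icmp_seq=1 ttl=63 time=45.2 ms'

# Prints "<positional result> <token result>" for one reply line.
compare() {
  printf '%s %s\n' \
    "$(printf '%s\n' "$1" | ttl_by_position)" \
    "$(printf '%s\n' "$1" | ttl_by_token)"
}

compare "$IP_REPLY"
compare "$DOMAIN_REPLY"
```

Matching the `ttl=` token directly is an alternative to the IP-address check proposed in the post; either approach avoids reading `icmp_seq` as the TTL.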