beefproject / beef

The Browser Exploitation Framework Project
https://beefproject.com

Refactor Browser Detection #1392

Open bcoles opened 7 years ago

bcoles commented 7 years ago

The current client-side browser detection code is repetitive and needs to be updated with the release of each new browser version each month. This is tedious.

Find and implement a suitable client-side library for browser fingerprinting. The library must be accurate, stable and invisible.

Ideally the library should not append elements to the DOM to identify the browser. This is sloppy, unnecessary, error-prone and not very stealthy.

Hopefully this can be implemented cleanly without too much refactoring. The framework doesn't use the browser version specific functions isFF33(), isFF34(), etc, very often, however it would be nice to maintain this functionality somehow.

JBelinchon commented 7 years ago

Hi team!! What about implementing http://www.useragentstring.com/ to detect the browser version? This service provides an API that could help to implement it easily. Thoughts?

bcoles commented 7 years ago

Hi @JBelinchon

Unfortunately http://www.useragentstring.com/ is not an adequate solution.

Our existing code makes use of much more than the User-Agent string, which can be spoofed. The issue is that the existing code is repetitive and could be greatly improved.

Additionally, relying on their remote API is undesirable and unnecessary. We don't want to be leaking details about our zombies to remote third-party services.

bcoles commented 5 years ago

IE 5 and earlier are not supported, and likely never will be, as the hook is too large to fit in memory.

IE 7 and earlier are barely supported. I've given up trying to maintain support, and it's unlikely that continued support will be possible until staged hooking is implemented.

Accepting that these platforms won't be supported removes some limitations on choosing a library, although unfortunately jQuery 1.x + jQuery migrate is still a requirement.

At this stage, the platform.js library might be our best bet, as the most reliable and flexible. It detects the browser, OS and device hardware using both feature detection and user-agent parsing, is updated semi-regularly, and works on the few browsers and devices I tested, including IE 8, Safari on iPhone with iOS 12, modern Chrome and modern Firefox.

Another option is ua-parser-js; however it relies entirely on the user-agent string as the name implies.

Another option would be using something like FingerprintJS2 with post-processing of the components to infer browser versions, although some quick tests reveal FingerprintJS2 doesn't seem to play nicely with IE8.

DeezyE commented 2 years ago

FingerprintJS is pretty interesting. Testing the open source vs pro, the open source failed to identify me as the same user, though it was correct about the browser version. Since our use case is browser version, open source should be fine.

bcoles commented 2 years ago

This is going to be an issue very soon. BeEF will not detect Firefox and Chrome beyond version 99.

https://github.com/beefproject/beef/blob/1c395a315305e9e83a2826ece5625a5f11073703/core/main/client/browser.js#L943
https://github.com/beefproject/beef/blob/1c395a315305e9e83a2826ece5625a5f11073703/core/main/client/browser.js#L2427
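The two points raised in this thread, that two-digit version parsing breaks once Firefox and Chrome pass version 99, and that the User-Agent string alone is spoofable so feature detection is needed alongside it, as an added example. This is not code from BeEF's browser.js or from any of the libraries named above; the function names (`legacyFirefoxMajor`, `parseUserAgent`, `engineFromFeatures`, `uaLooksSpoofed`), the regexes, the feature heuristics and every sample User-Agent string are constructed for this example.

```javascript
// Added example, not code from BeEF's browser.js: a User-Agent major-version
// parser that keeps working past version 99, next to the kind of two-digit
// pattern that stops matching there, plus a feature-detection cross-check
// because the UA string is attacker-controlled. All sample UA strings below
// are constructed for this example, not captured from real hosts.

// A two-digit capture works for 10..99 and silently fails (returns null)
// at 100: "Firefox/120." has three digits before the dot.
const TWO_DIGIT_FIREFOX = /Firefox\/(\d\d)\./;

function legacyFirefoxMajor(ua) {
  const m = TWO_DIGIT_FIREFOX.exec(ua);
  return m ? parseInt(m[1], 10) : null;
}

// Fixed form: match one or more digits, so no per-release update is needed.
// Order matters: Chromium Edge and Opera also carry a "Chrome/" token and
// Chrome carries "Safari/", so the more specific tokens are checked first.
// IE 11 dropped the "MSIE" token, so Trident + "rv:" is tried before "MSIE".
const FAMILY_PATTERNS = [
  ['Edge', /Edg\/(\d+)\./],                 // Chromium-based desktop Edge only
  ['Opera', /OPR\/(\d+)\./],
  ['Firefox', /Firefox\/(\d+)\./],
  ['Chrome', /Chrome\/(\d+)\./],
  ['Safari', /Version\/(\d+)[.\d]*.*Safari\//],
  ['IE', /Trident\/[\d.]+.*rv:(\d+)/],
  ['IE', /MSIE (\d+)\./],
];

function parseUserAgent(ua) {
  for (const [family, re] of FAMILY_PATTERNS) {
    const m = re.exec(ua);
    if (m) return { family, major: parseInt(m[1], 10) };
  }
  return { family: 'Unknown', major: null };
}

// Feature detection on a window-like object (pass the real `window` in a
// browser). These are widely used heuristics chosen for this example, not a
// library API: IE exposes document.documentMode, Gecko accepts the
// -moz-appearance property in CSS.supports(), Chromium engines define
// window.chrome. Returns null when nothing recognisable is present.
function engineFromFeatures(win) {
  if (win.document && typeof win.document.documentMode === 'number') return 'Trident';
  if (win.CSS && typeof win.CSS.supports === 'function' &&
      win.CSS.supports('-moz-appearance', 'none')) return 'Gecko';
  if (win.chrome && typeof win.chrome === 'object') return 'Blink';
  return null;
}

const ENGINE_OF_FAMILY = { IE: 'Trident', Firefox: 'Gecko', Chrome: 'Blink', Edge: 'Blink', Opera: 'Blink' };

// true  -> the UA claims one engine but the page runs in another (spoofed UA)
// false -> claim and observed engine agree
// null  -> not enough evidence either way (e.g. Safari, unknown family)
function uaLooksSpoofed(ua, win) {
  const claimed = ENGINE_OF_FAMILY[parseUserAgent(ua).family];
  const observed = engineFromFeatures(win);
  if (!claimed || !observed) return null;
  return claimed !== observed;
}

// Constructed sample User-Agent strings (not captured from real hosts).
const SAMPLE_UAS = {
  firefox99: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0',
  firefox120: 'Mozilla/5.0 (X11; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0',
  chrome120: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
  edge120: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.2210.91',
  safariIos12: 'Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1',
  ie8: 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)',
  ie11: 'Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko',
};

// Stand-alone run: show the fixed parser next to the two-digit one.
for (const [name, ua] of Object.entries(SAMPLE_UAS)) {
  console.log(name, JSON.stringify(parseUserAgent(ua)), 'two-digit:', legacyFirefoxMajor(ua));
}
```

The two-digit pattern returns 99 for the Firefox 99 string and null for Firefox 120, which is the failure mode the comment above describes; the `\d+` form returns 120 and needs no edit when the next major ships. `uaLooksSpoofed` only reports a contradiction when both the claimed family and the observed engine are known, so a Safari UA, or a window with none of the probed properties, yields null rather than a false positive.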