Open moloch-- opened 8 years ago
+1 for the new schema. An fingerprint object would allow the fingerprint to be more flexible like specifying IP addresses or ranges for a fingerprint, this could be useful for #10. It could also by used to specify the device is only accessible over https or to add a separate version field to help automate post discovery actions like exploitation.
[
{
"name": "Some device",
"version": "1.2.3",
"created": "2015-09-07 01:02:10.229153",
"resources": ["/someresource.css"],
"address": ["192.168.1.1"],
"protocol": "https",
},
]
Yep this is a good idea - I'll start coding on it today (thanks @moloch-- and @x0e-foobar)
Changed scheme to reflect what @moloch-- suggested, will add more functionality for things such as protocol
and address
soon :smile:
Google Chrome fingerprint generator update should be approval in an hour or two.
Adding a version
is also a very good idea
Updated JSON schema to remove ambiguity around what constitutes a "fingerprint," and allow for us to more easily add more attributes:
Single "Fingerprint" Object
List of Fingerprints